Cofense published a database of over 200M compromised email accounts - Technical.ly DC

Business

Aug. 13, 2019 1:07 pm

Cofense published a database of over 200M compromised email accounts

After Cofense Labs discovered a "for rent" botnet last month, the cybersecurity startup released a database of email addresses compromised by sextortion campaigns.

Are your emails protected?

(Photo by Pixabay user rawpixel, used under a Creative Commons license)

Leesburg, Va.–based cybersecurity startup Cofense recently published a database of over 200 million email accounts targeted by a large sextortion scam.

A sextortion email is a tactic that hackers use to scare people into making ransom payments so they won’t leak their sensitive information online. Confense said it found that $1.5 million in ransom payments via Bitcoin were made to hackers this year alone as a result of sextortion campaigns.

The company’s new research and development arm, Cofense Labs, discovered a “for rent” botnet in June that was primarily used to send sextortion emails, a press release states. Since its discovery, Cofense Labs has been monitoring the botnet’s activity.

“This botnet is not infecting computers to acquire new data sets – it is a true “spray and pray” attack reusing credentials culled from past data breaches to fuel legitimacy and panic through sextortion scams,” Aaron Higbee, Cofense cofounder and CTO, said in a statement.

Another way hackers can get access to your information to send sextortion emails is weak or reused passwords. Cofense said that hackers behind this campaign are using recycled email address and passwords, dating back at least 10 years.

“If your email address is found in a target list used by the botnet, it’s highly likely you will receive a sextortion email – if you haven’t already. We felt it was critical to get this information out. We hope that victims receiving a sextortion email will find our resource center so they can avoid the anxiety and stress of trying to figure out whether to pay a bitcoin ransom,” Higbee said in a statement.

Advertisement

Higbee advised that the owners of these compromised email addresses should change the password and the passwords of any account associated with the address. He also said you shouldn’t respond to or pay any ransom if you receive a sextortion email.

-30-
JOIN THE COMMUNITY, BECOME A MEMBER
Already a member? Sign in here
Connect with companies from the Technical.ly community
New call-to-action

Advertisement

HyperQube launches ‘cyber range as a service’

Cofense launched a new product to combat phishing attacks

ThreatQuotient and Visa are partnering to strengthen payment data defenses

SPONSORED

DC

Verizon is looking for the brightest ideas on how to use its 5G technology

Washington, D.C.

The Washington Post

Full Stack Developer

Apply Now
Washington, D.C.

The Washington Post

Senior Full Stack Software Engineer

Apply Now
Washington, DC

SmartLogic

Account Executive (DC)

Apply Now

Romanian hackers arrested for shutting down 65 percent of DC surveillance cameras before Trump inauguration

After two and a half years of R&D, Verodin emerges from stealth mode

Sign-up for daily news updates from Technical.ly Dc

Do NOT follow this link or you will be banned from the site!