ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Onliner Spambot Data Breach

Massive exposure
Verified breach Spam list Passwords exposed
Accounts exposed 711,477,622
Breach date 28 Aug 2017
Added to tracker 29 Aug 2017
Data classes 2

What happened

In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.

Exposed data

Email addresses Passwords

Recommended actions

  • Change your Onliner Spambot password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Onliner Spambot — attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP