fantastic writeup<\/a> about RCM and its operations. In Ragan\u2019s words, the spammers \u201caccidentally exposed their entire operation to the public after failing to properly configure their Rsync backups.\u201d<\/p>\nThe researchers found chat logs which revealed that the spammers used a type of Slowloris attack to send their spam. They would \u201copen as many connections as possible between themselves and a Gmail server. This is done by purposefully configuring your own machine to send response packets extremely slowly, and in a fragmented manner, while constantly requesting more connections.\u201d<\/p>\n
Vickery added:<\/p>\n
Then, when the Gmail server is almost ready to give up and drop all connections, the spammer suddenly sends as many emails as possible through the pile of connection tunnels. The receiving side is then overwhelmed with data and will quickly block the sender, but not before processing a large load of emails.<\/p>\n
It’s a twist on a Slowloris attack, since \u201cthe spammer is not trying to completely disable the receiving server, he is only temporarily stressing the resources in order to overwhelm and force the processing of bulk email.\u201d<\/p>\n
The data appears to be real, but some may be outdated such as a person no longer living at the physical address attached to his or her name in the spammer\u2019s database. The researchers notified law enforcement and sent Microsoft, Apple and others details about abusive scripts and techniques.<\/p>\n
Vickery and Ragan intend to reveal more about the RCM operation. As Vickery put it, \u201cThere are enough spreadsheets, hard drive backups, and chat logs here to fill a book.\u201d<\/p>\n
http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"![](\"http:\/\/zapt3.staticworld.net\/images\/article\/2015\/10\/spam-pixabay-100623039-primary.idge.jpg\"\/)
<\/p>\n
Credit to Author: Darlene Storm| Date: Mon, 06 Mar 2017 06:19:00 -0800<\/strong><\/p>\n\n\nNearly 1.4 billion people are affected by a database records leak caused by spamming group River City Media (RCM) forgetting to password-protect their backups.<\/p>\n
Last week, MacKeeper security researcher Chris Vickery promised a \u201c1.4 billion identity leak story<\/a>\u201d would be made public on Monday. The actual number of people affected \u2013 1,374,159,612 \u2013 is slightly lower than that, but is nothing to scoff at.<\/p>\n