On Wed, 24 Oct 2018 10:35:19 +0000 Suresh Ramasubramanian <ops.li...@gmail.com> wrote: > That's there. However this gang has generally operated by downloading > out of date password dumps > --srs > in my case, it was one of the floss lists where i am subscribed. I am glad it is not ripe :) Anyway, the days on the Internet when there are many shell accounts on community boxes is sadly done for....
Just an additional thing about this type of abuse: - It seems that some criminals are copying the gangs that steal actual data, and these opportunistic criminals are simply dumping spam, with random passwords and to for sale data lists. So, there is a skill in distinguishing between spam abuse as it relates to opportunistic social engineering, to actual extortion where the criminals are also sending a mailman password in an email that claims to have the email box password and of course the actual real crime, where the criminals has brute forced a box or has real credentials. imnsho, there are at least eight main different crimes or modus in all these seemingly similar abuses... Andre
