Spammers expose their entire operation through bad backups
Sometimes you just have to grin when the bad guys screw up, misconfigure their backup, and expose their entire operation to the world. This is one of those times. Chris Vickery of the MacKeeper Security Research team and Steve Ragan of Salted Hash have the mega leak of the year.
This is the story of how River City Media (RCM), Alvin Slocombe, and Matt Ferris, accidentally exposed their entire operation to the public after failing to properly configure their Rsync backups.
The data from this well-known, but slippery spamming operation, was discovered by Chris Vickery, a security researcher for MacKeeper and shared with Salted Hash, Spamhaus, as well as relevant law enforcement agencies.
While security practitioners are familiar with spammers and their methods, this story afforded Salted Hash with a rare opportunity to look behind the curtain and view their day-to-day operations.
Grab your coffee and read their coverage on MacKeeper and Salted Hash while I try to wake up more. Why should you read it, you wonder? Because you or someone in your family is probably affected. As Chris explains:
The situation presents a tangible threat to online privacy and security as it involves a database of 1.4 billion email accounts combined with real names, user IP addresses, and often physical address. Chances are that you, or at least someone you know, is affected.
Update: On March 21, 2017, River City filed suit against Chris Vickery, Kromtech, CSO, Ragan and others. They accuse the defendants of hacking, violations of the SCA, violations of ECPA, and violations of trade secrets law, among other charges.