Trailrunner7 (1100399) writes "Researchers have discovered that the gang behind the once-and-future botnet Waledac has gathered nearly 500,000 stolen passwords for email accounts, along with close to 125,000 sets of pilfered credentials for FTP accounts.
The discovery isn't so surprising in its details, but rather in its scope. There are a slew of Trojans and info-stealing pieces of malware around these days that are designed specifically to seek out and steal this kind of data. Email passwords, which often are simple and reused on other accounts by victims, can give attackers access to far more than just a victim's mundane message exchanges with friends. Email accounts can lead to online banking credentials, credit card accounts and other high-value data.
Researchers at The Last Line of Defense, a security firm comprising professors and grad students from universities around the world, analyzed the data that the Waledac crew had gathered and found that the email credentials were being used in spam campaigns designed to evade real-time blacklists and other filters."
Link to Original Source