“A cooperative team of investigators came together in January after I stumbled upon a suspicious collection of files,” said MacKeeper researcher Chris Vickery.
“Someone had forgotten to put a password on this repository and one of the biggest spam empires is now falling.”
RCM had not configured its rsync backups properly, leaving its records accessible on a public port.
“I found an rsync server on port 873 that they had not put any password or security on and it has led to the downfall of a criminal enterprise,” Vickery told TechCrunch.
The spammers have been reported to law enforcement, and Vickery has found 1.34 billion email addresses which were set to receive spam.
“Details of the even more abusive scripts and techniques have been forwarded on to Microsoft, Apple, and others.”