I'm surprised that I can't find any reference here to Onliner Spambot
There must be, and I've probably missed it! So can you point me towards it please?
Background info is below.
Leo Notenboom ("Ask Leo") has just advised of a huge breach (referred to as the “Collection #1 breach“) that apparently contains something like three-quarters of a billion email addresses and plain-text passwords. He says "It's newsworthy because it's huge and contains passwords for anyone to see". He recommends using haveibeenpwned.com to determine if your email address is part of the breach. My wife has two bt email addresses: @btinternet.com and @btopenworld.com and the latter has been affected by the Onliner Spambot.
In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.