Cybercriminals are selling a new crimeware package that can automatically infect nearly 9,000 FTP servers at some major global companies, researchers said today. Researchers at Finjan say they recently stumbled upon a Website selling and trading these stolen FTP server administrator credentials in a software-as-a-service model.
“They are providing an application where you can trade and validate [these credentials], and even get their Google page ranking,” says Yuval Ben-Itzhak, CTO at Finjan. “You don’t need to hack or develop your own Trojan, and there’s no need to compromise a server by yourself” to gain access to the FTP servers and ultimately, the victim organization’s Website, he says. Stolen FTP Credentials Offered for Sale: Major Firms at Risk – Desktop Security News Analysis – Dark Reading
From around the Web
- Gmail to drop IE6 support this year
- Older IE Versions Maintain Sizable Market Share Despite Security Concerns
- Google Chrome 4 Bolsters Browser Security with New Features
- 10 Reasons Why Microsoft Should Have Discussed Security At CES
- How three vendors screwed up USB stick security
- 94 more secret Windows shortcuts
- Facebook CEO: Privacy Not the Social Norm
- More flash drive firms warn of security flaw; NIST investigates
- The ultimate God Mode list: 39 secret Windows 7 shortcuts
- Microsoft, Adobe prep critical security patches
- Mozilla fixes upgrade flaw in Firefox
- Chrome grabs market share from IE and Firefox, passes Safari
- Facebook enhances privacy settings
- Windows 7 tricks: 20 top tips and tweaks
- The ABCs of securing your Windows netbook