Cybercriminals are selling a new crimeware package that can automatically infect nearly 9,000 FTP servers at some major global companies, researchers said today. Researchers at Finjan say they recently stumbled upon a Website selling and trading these stolen FTP server administrator credentials in a software-as-a-service model.
“They are providing an application where you can trade and validate [these credentials], and even get their Google page ranking,” says Yuval Ben-Itzhak, CTO at Finjan. “You don’t need to hack or develop your own Trojan, and there’s no need to compromise a server by yourself” to gain access to the FTP servers and ultimately, the victim organization’s Website, he says. Stolen FTP Credentials Offered for Sale: Major Firms at Risk - Desktop Security News Analysis - Dark Reading
From around the Web
- Apple releases another mega-patch for Mac OS X
- Security flaw in smart cards poses risk for transit, building access
- Opera promises faster surfing with new browser
- Free TrojanProof Password Tool Released for Windows
- Security scans with OpenVAS
- Do ISPs pose a bigger online privacy threat than Google
- Firefox add on blocks clickjacking attacks
- Chrome Users Return to Internet Explorer, Firefox
- Google denies disassembling Vista
- Privacy Uncertain With New IE8 Feature
- Windows 7 UAC could be less of a nag
- Microsoft releases faster Desktop Search 4.0
- Vista users keen on SP1, but XP SP3 not so much
- Windows 7 Details In October, Microsoft Says
- Microsofts plans for post-Windows OS revealed