DOWNLOAD: Best tool to repair Windows problems & optimize system performance | Best driver update software for your PC
 
Results 1 to 2 of 2

Thread: Monster breach exposes Amazon and BBC to compromise

  1. #1
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default Monster breach exposes Amazon and BBC to compromise

    "Security researchers have found a treasure chest of FTP passwords, some from high profile sites, on an open cybercrime server.
    Jacques Erasmus, CTO at security tools firm Prevx, stumbled across a site where a Trojan is uploading FTP login credentials captured from compromised machines. So far, Erasmus has found logins for ftp.bbc.co.uk, ftp.cisco.com, ftp.amazon.com, ftp.monster.com and, even security sites including ftp.mcafee.com and ftp.symantec.com along the extensive list of more than 68,000.

    Other login credentials refer to the Bank of America, one of the few organisations PrevX has had time to notify directly at the time of writing.

    Initial investigations suggest the logins were swiped during the last two weeks and that at least some remain valid. The breach therefore opens the door for hackers to upload drive-by download scripts and other nasties onto compromised sites. PrevX is running scans to detect rogue iFrames on potentially vulnerable sites, and is yet to see any evidence that this has actually happened.
    Erasmus explained that the FTP login data is getting uploaded by a variant of the zbot Trojan onto a server hosted in China, where they are stored in plain text and thus potentially open to all and sundry to find and abuse. PrevX has filed an abuse complaint against the site with the hosting provider.
    "The data is harvested from users' machines, when they get infected," Erasmus explained. "A typical scenario might be that a web designer for one of the organisations gets infected, his stored ftp login details gets compromised, and so the attacker in this case is able to log in to the ftp site and compromise the website pages."
    "It's the biggest compromise of its type I've seen," Erasmus told El Reg."





    Source: Blue chip FTP logins found on cybercrime server ? The Register
    Last edited by HappyAndyK; 28th June 2009 at 03:37. Reason: Removed Google ad script appearing in post :)

  2. #2
    seti is offline Member
    Join Date
    Nov 2008
    Posts
    1,923

    Default

    Thank you? for this most worrying post my friend

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22