While Finjan was researching a server hosting a new version of NeoSploit crimeware toolkit, a database of over 8,000 ftp accounts was uncovered. 10% of Alexa’s top 100 domains login username & password are in the database. A majority of the accounts originate in the United States.

Also uncovered was a trading application that rates the quality of the compromised accounts according to location of the ftp server. This allows hackers to put a price on the stolen accounts.

These login credentials were stolen by appending an HTML iframe tag onto the victims website. This type of attack we are finding almost every day during our own research. Finjan identified government websites hosting similar malicious code on their websites. An example they talked about was a website belonging to a State Superior court.

Finjan is offering to identify if your website appears in this database by filling out this form.

Author: Christopher

(No Ratings Yet)

 Loading ...