Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Network Security Viruses & Malware Hackers Security Solutions More Topics...
Eliminate costly downtime!
Find out how with Free White Paper
& enter to win a Samsung Galaxy Note

www.apc.com
Applications
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Hackers Use SaaS To Auction FTP Passwords, Inject Code
Hackers Use SaaS To Auction FTP Passwords, Inject Code

By Jennifer LeClaire
February 28, 2008 8:33AM

Bookmark and Share
Security firm Finjan says criminals are auctioning more than 8,700 FTP credentials based on Google page rankings, using software with an eBay-like interface. The NeoSploit 2 toolkit uses SaaS to let cybercriminals inject infectious code onto Web pages. The stolen user names and passwords include some of the world's top 100 domains.
 

Related Topics

FTP
SaaS
Cybercriminals
eBay


More than 8,700 FTP log-in names and passwords are being peddled at an online auction site for stolen data, according to security firm Finjan. The site includes software that lets criminals hack Web servers and automatically inject crimeware that infects visitors to the Web site.

Some of the information opens a back door into Fortune 500 companies in manufacturing, telecom, media, online retail and IT, as well as government agencies. The stolen FTP accounts include some of the world's top 100 domains as ranked by Alexa.com.

Putting a Price on Stolen Data

Finjan's Malicious Code Research Center detailed the workings of the software, dubbed the NeoSploit 2 toolkit, that is designed to exploit and trade FTP account credentials stolen from legitimate companies.

Here's how it works: The software uses an eBay-like trading interface to qualify the stolen accounts in terms of the country where the server is located and the Google page ranking of the compromised server. Cybercriminals use the information to set a price for the compromised FTP credentials so they can be resold to other cybercriminals or adjust an attack on more prominent sites. The software also allows cybercriminals to use the FTP credentials to automatically inject HTML IFrame tags into Web pages on the compromised server.

"Software as a service (SaaS) has been evolving for sometime, but until now it has been applied only to legitimate applications. With this new trading application, cybercriminals have an instant 'solution' to their 'problem' of gaining access to FTP credentials and thus infecting both the legitimate Web sites and its unsuspecting visitors. All of this can be easily achieved with just one push of a button," said Yuval Ben-Itzhak, CTO of Finjan.

According to Finjan, the NeoSploit 2 toolkit marks a serious escalation of crimeware potential, since it uses the SaaS business model.

The fact that cybercriminals are becoming more organized and sophisticated shouldn't be news to any IT department fighting the ever-growing threat. However, many businesses will be wondering if they might be the next victim, according to Graham Cluley, a senior technology consultant at Sophos.

Criminals Target the Unsuspecting

Sophos experts are discovering 6,000 newly infected Web pages every day -- that's one every 14 seconds. Eighty-three percent of those Web pages belong to companies and individuals who are not aware that their sites have been hacked.

"Criminal gangs are not only infecting Web pages, they are also trading user names and passwords to waltz straight onto corporate Web sites and plant dangerous code," Cluley said. "That means that even if your Web site does not have a vulnerability on it which can be exploited, the hackers can walk in through a side entrance." (continued...)

1  |  2  |  Next Page >

 

Tell Us What You Think
Comment:

Name:



Your Next Generation Data Center Is Here! Vblock™ Systems: the world's most advanced converged infrastructure are built on the Cisco Unified Computing System with Intel® Xeon® processors. Vblock™ Systems deliver extraordinary time to market, ROI and TCO, and flexibility to meet your continually changing demands with 5X faster deployment, 96% less downtime, and 1/2 the cost. Click here to learn more.


 Applications
1.   Hortonworks, Concurrent To Partner
2.   APX Labs Aims To Put Glass in Business
3.   Uber Meets Local Lookalikes in Asia
4.   Android Gets Chrome Remote Desktop
5.   Silverpop: IBM Marketing Gets Personal


advertisement
Last Fixes Tuesday for XP, Office 2003
Microsoft closing out support for two.
Average Rating:
APX Labs Aims To Put Glass in Business
$10M to fund Skylight app for device.
Average Rating:
Uber Meets Local Lookalikes in Asia
Fights homegrown apps for dominance.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Hackers | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.