Finjan finds application selling FTP credentials

By on

Researchers at the web security firm Finjan on Wednesday announced they have discovered a small database containing about 8,700 file-transfer protocol (FTP) server credentials that were being used to plant malicious code on legitimate websites.

The database – located on a server based in Hong Kong, operated by Russians and administered from Amsterdam, Netherlands – contained usernames, passwords and server addresses that could grant access to at least 2,000 sites in the United States, including at least a dozen Fortune 500 companies and several government agencies, said Iftach Amit, director of security research at Finjan.

The credentials were being used by the hackers to access and infect legitimate websites with malicious code, but they also were being sold to other criminals through the underground market, Amit told SCMagazineUS.com.

Each credential was listed with a price tag, determined by the Google page-ranking of the website the information could be used to compromise, Amit said.

The credentials enable cybercriminals to gain access to websites to inject IFRAME tags into webpages, which can redirect the client's browser to a malicious server.

The Finjan researchers stumbled across the application after tracking a number of trusted websites that contained code pointing to the overseas server, which also was hosting a crimeware toolkit being used to distribute malware.

Amit said organisations are welcome to contact Finjan to determine if their FTP credentials were listed on the database. In the meantime, the company has contacted numerous law enforcement agencies, including the FBI.

An agency spokesman could not confirm whether the FBI was investigating.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
applications ftpfinjan ftpsecurity

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections
Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing

Log In

  |  Forgot your password?