Finjan Finds Database of 8,700 Stolen FTP Credentials

Forum Moderators: phranque

Message Too Old, No Replies

Finjan Finds Database of 8,700 Stolen FTP Credentials

tedster

4:36 pm on Feb 28, 2008 (gmt 0)

Researchers at the security vendor uncovered a cache of stolen credentials for top domains across the globe that can be used to compromise Web sites and infect visitors.
“The type of domains that are on the list, we’re talking here top domains in the world, like top 500, top 100,” said Yuval Ben-Itzhak, CTO of Finjan.
eWeek Article [eweek.com]

The article goes on: "The application also allows hackers to manage FTP credential information to automatically inject IFRAME tags to Web pages on the compromised server." Sounds quite familiar, doesn't it?

bwnbwn

4:45 pm on Feb 28, 2008 (gmt 0)

Thanks Tedester I see you can go to the Finjan website and download the list to see if your company is on the list.

Might be a good suggestion to check the list out I am.

I think it may be time to change a few passwords...

coopster

5:50 pm on Feb 28, 2008 (gmt 0)

I do not believe you can download the list but "Finjan officials said organizations can inquire if their FTP servers’ credentials have been stolen by contacting the company."

physics

5:50 pm on Feb 28, 2008 (gmt 0)

No one should be using FTP to transfer files to their web server. A business using FTP to manage their web site is like a credit card company using postcards to send their billing statements.

Use SCP or SFTP. Disable non-encrypted FTP access. Encryption is good.

[winscp.net...]

jake66

6:32 am on Feb 29, 2008 (gmt 0)

Thanks for the link physics. Until I read this post I was using ftp.

The winscp client has the same feel as ftp, so I will be sure to block the FTP port on my server's firewall once I get everyone hosted under my account to switch :)