Hackers Use SaaS To Auction FTP Passwords, Inject Code
More than 8,700 FTP log-in names and passwords are being peddled at an online auction site for stolen data, according to security firm Finjan. The site includes software that lets criminals hack Web servers and automatically inject crimeware that infects visitors to the Web site.
Some of the information opens a back door into Fortune 500 companies in manufacturing, telecom, media, online retail and IT, as well as government agencies. The stolen FTP accounts include some of the world’s top 100 domains as ranked by Alexa.com.