
February 27th, 2008

Report: Hackers swipe FTP server credentials using SaaS

Posted by Larry Dignan @ 7:18 am

Categories: Data theft, Exploit code, Vulnerability research


Finjan said it has uncovered a database with more than 8,700 FTP account credentials (user name, password and server address) that allow hackers to compromise security and deliver malware as a service.

In a report released Wednesday, Finjan said the list of stolen accounts includes many Fortune 500 type companies. In the report (PDF and registration required), Finjan outlines the inner workings of this newfangled threat called Neosploit 2.

What’s notable about this development is that hackers are using a software as a service (SaaS) model to deliver applications that are designed to abuse and trade FTP accounts. According to Finjan, this database may be the first use of SaaS for something other than legitimate means. Maybe we could call it HaaS: Hacking as a service.

Here’s a model of how this threat works:

[Figure: finjan.png]

Finjan said its researchers managed to obtain some of the attacker’s server side components to reach the following conclusions:

  • A standalone application was found at the backend of the malicious server that enables behind-the-scenes information trading.
  • The methodology used for attacks supports multiple “users” (attackers), mimicking a SaaS (Software as a Service) model.

Larry Dignan is Editor in Chief of ZDNet and Editorial Director of ZDNet sister site TechRepublic.

Talkback (most recent of 35 Talkback(s)):

Hmm - that Big Red X....
Make sure you don't use the noddy features of your OS to change the colour of the red X.

And just hope the bad guys don't remember the old trick of providing a big red X for Noddy to click on....
Posted by: Dr.C Posted on: 02/29/08