Stolen data found on international crimeservers

By Chuck Miller on Jun 19, 2008 10:05 AM
Filed under Risk

Two crimeservers containing 500 megabytes of stolen data have been discovered in Argentina and Malaysia.

Two crimeservers containing 500 megabytes of stolen data have been discovered in Argentina and Malaysia. The data was likely being made available online to the highest bidder.

The data was likely being made available online to the highest bidder.

The compromised data was probably gathered using crimeware toolkits, trojans and command-and-control systems used to drive traffic to the servers.

The servers were discovered by Finjan's Malicious Code Research Center. According to Yuval Ben-Itzhak, chief technology officer for Finjan, the servers were the drop sites for data from malware loaded onto PCs all over the world.

“It was obvious that this was an amateur operation, because the servers had not been hidden in any way," he said. "It was probably someone using off-the-shelf crimeware packages that professional hackers are selling to amateurs."

The typical amateur can buy a complete suite of crimeware for US$200, and can commit internet crimes without having any sophisticated computer skills, Ben-Itzhak said.

According to a report published by Finjan, the stolen data included:

Compromised medical related data of hospitals and publicly owned healthcare providers

Compromised business related data of a U.S. airline carrier

Personal identity information

Two days after being reported to local and international law enforcement authorities, the servers went down, but the individuals behind the operation have not been caught.

Said Ben-Itzhak, “It's hard to find the perpetrators, because a server could be located in Argentina, the criminals could be in Eastern Europe, and the crime committed in the U.S.”

How can this kind of activity be guarded against? The basic guidelines apply: Stay current with patches and anti-virus updates, use firewalls and consider adding another layer of security ahead of browsers to stop malware from installing itself –- or run PCs under credentials that prevent software installation, he said.

“Although we are just reporting on two servers,” Ben-Itzahak said, “I'm sure that there are hundreds if not thousands of servers like these that are not so easily detected. I'm sure that many companies are not even aware that their data may be in the wrongs hands right now.”

See original article on scmagazineus.com

data breach, data security, argentina malaysia

Ads by Google

What are your thoughts on this article? Add your comment below.

To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.

NOTE: You must be a registered member of SC Magazine to post a comment.

Click here to login | Click here to register

comments powered by Disqus

FOLLOW US...