Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Over 4,500 logins have been published on a 77 page document on a shared content website.Chris Boyd, malware researcher at Sunbelt Software, claimed that as Scribd allows users to share written content online, converting PowerPoint, PDFs and Word documents into web documents that can be viewed through sites such as Facebook and other social networking services, it was inevitable that a scammer would decide to use such a service for foul means.He detected that a little over 4,500 mail logins (mostly from .ru domains, and possibly used for a .ru social networking site) in the form of a 77-page text document for anybody to download and plunder was uploaded to the site. At the time of writing, the document had been viewed 94 times and by the time it was deleted, that figure had increased to 152. He said: “Interestingly, the account behind the upload is still busy posting utterly random content – everything from technical documents and videogame commands to what look like job advertisements, lists of cameras and descriptions of GIMP plug-ins (there's even a manual for Warhammer 40 000 lurking in there somewhere).”With 970 uploads, the account was up to 1,308 with fresh (and entirely random) uploads appearing constantly, possibly by an automated process.Boyd also pointed at a Russian forum, where victims noticed an increase in spam coming from their account, and a web search saw their stolen logins sitting on the Scribd page.“Unfortunately there's no indication if their login was claimed through an infection or a phish, but whether the uploader is someone trying to make stolen logins ‘sociable' or some kind of automated bot gone awry there's an awful lot of compromised accounts being put up for grabs,” said Boyd.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.