Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Security researchers recently stumbled upon a malicious website that housed a cache of stolen FTP credentials. The malicious domain, discovered last week by researchers at network security and management firm Blue Coat, housed a set of sensitive files, two of which contained a total of nearly 100,000 login and password combinations for a mixed batch of domains. Another file contained 1,905 login and password combinations for the Servage.net domain, a provider that hosts more than 185,000 websites. And, a fourth file contained 197 credentials for a set of sites on the Russian narod.ru domain and several other Russian, Polish and Ukrainian web hosts. Most of the logins – presumably used by webmasters – had "reasonably strong" passwords, Chris Larsen, a security researcher at Blue Coat, wrote in a blog post. One password in particular was a 39-character German phrase with a few numbers mixed in. Other passwords, however, were not as complex. “Sadly, there were still quite a few ‘dictionary word' passwords and ‘simple numeric' passwords and other easily guessed ones, but these were a clear minority,” Larsen wrote. Late last year an analysis of 32 million passwords obtained by a hacker who broke into the database of social networking application provider RockYou.com, revealed that the most commonly used password on the site was ‘123456.' Stumbling on a booty of stolen credentials can be frustrating for researchers because there is not much they can do to notify those whose passwords have been stolen, Larsen said. The discovery, however, does provide an opportunity to remind webmasters that their FTP credentials should be protected and treated with as much care as banking credentials. “Try to only use them from computers that are known to be secure,” he wrote. “The bad guys want your login.” Besides the stolen credentials, researchers also discovered several known malicious executable files and an encrypted payload disguised as a GIF. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.