Innovation

Report: Hackers swipe FTP server credentials using SaaS

Finjan said it has uncovered a database with more than 8,700 FTP account credentials--user name, password and server address--that allow hackers to compromise security and deliver malware as a service.In a report released Wednesday, Finjan said the list of stolen accounts includes many Fortune 500 type companies.

Written by Larry Dignan, Contributor Feb. 26, 2008 at 11:18 p.m. PT

In a report released Wednesday, Finjan said the list of stolen accounts includes many Fortune 500 type companies. In a report (PDF and registration required), Finjan outlines the inner workings of this newfangled threat called Neosploit 2.

What's notable about this development is that hackers are using a software as a service (SaaS) model to deliver applications that are designed to abuse and trade FTP accounts. According to Finjan, this database may be the first use of SaaS for something other than legitimate means. Maybe we could call it HaaS: Hacking as a service.

Here's a model of how this threat works:

Finjan said its researchers managed to obtain some of the attacker’s server side components to reach the following conclusions:

A standalone application was found at the backend of the malicious server that enables behind-the-scene information trading.
The methodology used for attacks supports multiple “users” (attackers), mimicking a SaaS (Software as a Service) model.

Editorial standards

Show Comments

Report: Hackers swipe FTP server credentials using SaaS

Related

The best free AI courses (and whether AI 'micro-degrees' and certificates are worth it)

I changed these 10 iPhone settings and improved battery life dramatically

Meta permanently slashes the Quest 2's price again, dropping it to an all-time low