Cybercriminals are paying premiums based on compromised sites' Google PageRank to buy thousands of login names and FTP credentials, a security software company reports. By Thomas Claburn
InformationWeek
February 27, 2008 02:35 PM
More than 8,700 FTP login names and passwords, some of which grant access to Fortune 500 servers, are being sold online through a sort of eBay (NSDQ: EBAY) for stolen data, a security company revealed this week.
Prices vary in relation to the Google (NSDQ: GOOG) PageRank of the compromised sites. The customers are cybercriminals who seek access to trusted sites in order to launch malware or hide files.
Finjan, a computer security company based in Israel, made the discovery and elaborates on its findings in its February Malicious Page of the Month report.
Finjan CTO Yuval Ben-Itzhak describes the online crime database application the company found as "the holy grail of hackers." It contains the "hacked FTP credentials of very large companies, some of them in the Fortune 500." More than 100 stolen login names are associated with one of the 500 most visited Web sites on the Internet, as measured by Alexa.com.
"There is a whole industry of buying and selling all these stolen credentials," said Ben-Itzhak. "It opens for us a new window to see how they really manage to infect all these companies and legitimate Web sites very quickly."
http://www.informationweek.com/news/showArticle.jhtml?articleID=206900557