[nsp-sec] Crimeware as a Service (CAAS) - FTP credential swiping
Florian Weimer
fweimer at bfk.de
Fri Feb 29 10:20:25 EST 2008
* Florian Weimer:
> * Lawrence Baldwin:
>
>> Has anyone seen this?
>> http://www.theregister.co.uk/2008/02/27/crimeware_as_a_service/
>
> Probably this is related to some sort of TDS variant (simpletds.com
> seems to be active, usual caveats apply).
Clarification: While SimpleTDS is definitely in the mix (used to count
redirection rates) and has got a shiny web site, the automated
(re)infection features described in the article are usually provided
by FTP-Toolz (ftptools.nm.ru, currently password-restricted, Google
cache has a copy).
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list