[nsp-sec] ACK: Stolen FTP credentials
Rodolfo Baader
rbaader at arcert.gov.ar
Fri Apr 29 11:29:27 EDT 2011
Hi Thomas,
proxy ACK for AR ASNs:
7303, 10318, 10481, 11014, 16814, 27823, 27898
Notifications were sent to the abuse/noc departments.
Regards,
R.
El 28/04/11 06:23, Thomas Hungenberg escribió:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> please find below a list of stolen FTP login credentials found in a FTP grabber dropzone.
> According to timestamps, the credentials were harvested on infected client PCs
> from 2011-04-20 until 2011-04-25.
>
> Format: ASN | IP | CC | hostname | username | sanitized password | AS desc | Abuse contact
>
>
> - Thomas
>
> CERT-Bund Incident Response & Anti-Malware Team
>
More information about the nsp-security
mailing list