[nsp-sec] Stolen FTP credentials
Jon Lewis
jlewis at lewis.org
Tue Aug 16 09:31:07 EDT 2011
On Tue, 16 Aug 2011, Thomas Hungenberg wrote:
> please find below a list of stolen FTP login credentials found on a compromised server.
> I don't have information on how and when the credentials were stolen but there are
> indications they have been harvested on ZeuS infected PCs.
> 6364 | 209.208.1.193 | US | ftp.worldpub.net | ftpuser | ft****** | ATLANTIC-NET - Atlantic.net, Inc.
I've sent this along to the appropriate customer (a magazine publisher),
but IIRC, this FTP server is "open" intentionally for article uploads, and
the ftpuser password is published in documentation available online.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the nsp-security
mailing list