[nsp-sec] ACK: Stolen FTP credentials
Rodolfo Baader
rbaader at arcert.gov.ar
Tue Aug 16 14:53:13 EDT 2011
Hi Thomas,
proxy ACK for ASNs:7303, 10318, 10481, 10617, 10834, 11664, 16814, 19037, 20207,
26608, 27739, 27823, 27955
Notifications were sent to the abuse/noc departments.
Regards,
R.
El 16/08/11 09:49, Thomas Hungenberg escribió:
> Hi,
>
> please find below a list of stolen FTP login credentials found on a compromised server.
> I don't have information on how and when the credentials were stolen but there are
> indications they have been harvested on ZeuS infected PCs.
>
> Format: ASN | IP | CC | hostname | username | sanitized password | AS name
>
>
> - Thomas
>
> CERT-Bund Incident Response & Anti-Malware Team
More information about the nsp-security
mailing list