[nsp-sec] ACK 680, 41289 Re: Stolen FTP credentials
Torsten Voss
voss at dfn-cert.de
Wed Aug 17 05:31:29 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Thomas,
thanks and ACK 680, 41289
Cheers,
Torsten
Am 16.08.2011 14:49, schrieb Thomas Hungenberg:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> please find below a list of stolen FTP login credentials found on a compromised server.
> I don't have information on how and when the credentials were stolen but there are
> indications they have been harvested on ZeuS infected PCs.
>
> Format: ASN | IP | CC | hostname | username | sanitized password | AS name
>
>
> - Thomas
>
> CERT-Bund Incident Response & Anti-Malware Team
>
>
- --
Dipl.-Ing.(FH) Torsten Voss (Incident Response Team), Phone +49 40 808077-634
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Automatische Warnmeldungen https://www.cert.dfn.de/autowarn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAk5LinEACgkQLn8qYyAllOQUnACeKNhmICFM2bF8M8atpJ6S7FcR
g9cAn0TkE7eKZLE6vu3v9Tzv4sFKPYAy
=+Q7V
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list