This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Stolen data found on international crimeservers

Share this article:
Two crimeservers containing 500MB of stolen data have been discovered in Argentina and Malaysia.

The data was likely being made available online to the highest bidder.

The compromised data was probably gathered using crimeware toolkits, trojans and command-and-control systems used to drive traffic to the servers.

The servers were discovered by Finjan's Malicious Code Research Center. According to Yuval Ben-Itzhak, chief technology officer for Finjan, the servers were the drop sites for data from malware loaded onto PCs all over the world.

“It was obvious that this was an amateur operation, because the servers had not been hidden in any way," he said. "It was probably someone using off-the-shelf crimeware packages that professional hackers are selling to amateurs."

The typical amateur can buy a complete suite of crimeware for $200, and can commit internet crimes without having any sophisticated computer skills, Ben-Itzhak said.

According to a report published by Finjan, the stolen data included:
  • Compromised medical-related data of hospitals and publicly-owned healthcare providers
  • Compromised business-related data of a US airline carrier
  • Personal identity information
Two days after being reported to local and international law enforcement authorities, the servers went down, but the individuals behind the operation have not been caught.

Ben-Itzhak said: “It's hard to find the perpetrators, because a server could be located in Argentina, [but] the criminals could be in Eastern Europe, and the crime committed in the US.”

How can this kind of activity be guarded against? The basic guidelines apply, according to Ben-Itzhak: stay current with patches and anti-virus updates, use firewalls and consider adding another layer of security ahead of browsers to stop malware from installing itself –- or run PCs under credentials that prevent software installation, he said.

“Although we are just reporting on two servers, I'm sure that there are hundreds, if not thousands, of servers like these that are not so easily detected," said Ben-Itzhak. "I'm sure that many companies are not even aware that their data may be in the wrongs hands right now.”
Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...