digg

Facebook Connect Join Digg About

Huge Leak: Database of 8,700+ stolen cooperate FTP accounts

computerworld.com The stolen credentials belong to companies from around the world and include more than 2500 North American companies, some of which are the world's top 100 domains, according to security company Finjan. The ISP hosting the db has been notified but they still have not removed it. Finjan says companies can email them to check if their info was stolen

Who dugg this? Made popular Feb 27, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

120 Comments

show profanity settings
expand all
  • nowsourcing, on 02/27/2008, -1/+149Huge leak: "cooperate" mistaken for "corporate."
  • Lunsar2, on 02/27/2008, -3/+58Torrent?
  • djdingo, on 02/27/2008, -0/+46Everyone inside! They're shutting down the Internet!
  • Ploosheeta, on 02/28/2008, -4/+38http://www.mocpages.com/user_thumbnails/dkennedy@k ...
  • chuckDontSurf, on 02/28/2008, -1/+35No kidding. I mean, is it that ***** hard to reread the title before submitting?
  • Proctor, on 02/27/2008, -1/+34Link?
  • bherring, on 02/27/2008, -1/+26Maybe the leak is in the 'o' department.
  • Bukowsky, on 02/27/2008, -3/+25damn, I can barely remember my own FTP info...
  • RadioSilence, on 02/28/2008, -0/+20I hear there is a database out there that can help you with that...
  • papastout, on 02/28/2008, -0/+18And there was much rejoicing in the land of Script-kiddia... though they had no idea why they were rejoicing.

    ..as usual
  • landmonster, on 02/27/2008, -8/+25I think anyone who submits headlines with spelling errors should be shot in the face.
  • kd1s, on 02/27/2008, -1/+17Almost all FTP is sent unencrypted. Where I formerly worked we shut off all FTP services and instead enforced the use of SCP.
  • Cryoniq, on 02/27/2008, -3/+18MS SQL Databases in a nutshell.. oh wait.. a cracked nutshell...
  • exscind, on 02/28/2008, -2/+16Sure, make it political.
  • bhartzer, on 02/27/2008, -12/+26I would hate it if my ftp info was taken.
  • ConceptJunkie, on 02/28/2008, -0/+14Well, maybe the cooperations will work together.
  • UtopiaInTheSky, on 02/28/2008, -1/+14If GoDaddy is on that list, we're all *****.
  • Sanduu, on 02/27/2008, -3/+14Not good news
  • mrcabnit, on 02/28/2008, -1/+12I bet the cooperations are pissed.
  • wildfire, on 02/27/2008, -3/+14If the RIAA is on the list I'll upload terabytes of MP3s and create ftp.thepiratebay.org.
  • eFiniTi, on 02/28/2008, -0/+10Yeeah I wouldn't. I'm sure their ftp service will keep a log.
  • Lunarbunny, on 02/28/2008, -1/+9Tor.
  • leodavinci, on 02/27/2008, -0/+8FTA: "A trading interface on the server hosting the illegal database allows purchasers to buy FTP server credentials based on the countries in which the servers are located or even by the Google ranking of the Web sites, Ben-Itzhak said. It also appears to be designed to give criminals looking to resell FTP credentials a better basis for pricing the stolen data, he said."

    Sounds like eBay for cyber criminals.
  • KipEvil, on 02/27/2008, -2/+9anything good on these ftp's?
  • coollettuce, on 02/27/2008, -6/+13Yeah because the RIAA stores terabytes of music on their servers.
  • z00k, on 02/27/2008, -0/+7Still not as bad as the T35 Web Hosting incident... 450,000 Username/Passwords/Emails leaked... Ouch.
  • NoLeftTurn, on 02/28/2008, -1/+8Am I the only sceptic thinking that maybe this is being blown out of proportion (or outright faked) to generate awareness of Finjan?
  • brianjlowry, on 02/28/2008, -4/+11I'll get buried for this just because no one likes to read a comment saying that the parent comment is funny. But that was so random and caught me so far off-guard that I decided to post anyways. That was xkcd worthy.

    Bury me in 5.. 4.. 3.. 2..
  • shinelikeitdoes, on 02/27/2008, -1/+8am i the only one that specifically comes to the comments sections of headlines with poor grammar and spelling just to see the reaming the OP will get?
  • meteors, on 02/28/2008, -0/+6You edited your comment. You had asked what tool could be used instead.

    The answer is "SFTP".
  • HaloZero, on 02/27/2008, -1/+7Did anybody else think about chickens when they said cooperate?
  • ronaldmonster, on 02/27/2008, -1/+7List? Link? Anything?
  • quattros, on 02/28/2008, -0/+5the site selling the list and the tool is down... I hate to say it, but it looks like Finjan is just looking for free press. What other way to get the contact info of thousands of admins:

    screen cap of finjan's form collecting info:
    http://www.imagecross.com/image-hosting-viewer-2.p ...
  • megamod, on 02/28/2008, -1/+6He said he was going to upload terabytes of music, not that they already have terabytes of mp3s....you n00b
  • deadbaby, on 02/28/2008, -1/+6In this case it was simply a leak of the usenrames/passwords/IPs so it could still effect people using SCP with password authentication enabled.
  • wildfire, on 02/28/2008, -0/+5We're going serious now it seems. So I'll get out the proxies and iSCSI aggregators...
  • nemesis256, on 02/28/2008, -0/+5Who's the ISP/registrar?
  • ShutYourPieHole, on 02/28/2008, -0/+5Typical, you get buried for making a valid statement. These are "top" domains yet they allow content to be uploaded 1) by FTP and 2) from a random external IP address. I question that there are companies, that rank in the top 100 domains, that have such a simplistic architecture and security model.
  • kidjay, on 02/28/2008, -0/+4is it bad that immediately went "oh *****. i have dreamhost"


  • inactive, on 02/28/2008, -0/+4Digg needs to ***** do something about misspelled headlines. It is happening far too often. God damn people, is it so hard to reread your headline before you submit? Is it so hard to go to dictionary.com and verify that all words are spelled correctly?
  • Portfolioso, on 02/28/2008, -1/+5Suddenly, passwords. Thousands of them!
  • expert01, on 02/28/2008, -0/+3Only canadians.
  • DiggLive, on 02/27/2008, -2/+5It must be that time of the month.
  • slythfox, on 02/28/2008, -0/+3And this, is why smart administrators use SFTP instead.
  • lovekudu, on 02/28/2008, -0/+3The amount of load encryption uses isn't much, usually its the network that's the bottleneck.

    The username and password are still sent in the clear over FTP, whether your files are encrypted or not. That's why FTP is usually banned at large businesses.
  • fourty_two, on 02/28/2008, -1/+4FTP is orders of magnitude faster than sftp/scp. If the actual files being transferred are encrypted then you get fast transfer and protection from interception.
  • lovekudu, on 02/28/2008, -0/+3That information should be stored in a hashing format (SHA or MD5 on Linux in /etc/shadow or an LDAP DB, MD4 with additional AD/SAM encryption on Windows), and not in plaintext.
  • nailer, on 02/28/2008, -2/+5Exactly! What kind of corporation doesn't ban telnet, FTP, or rsh in their security policies (or doesn't have the odd audit where an external consultant tells them to disable these things).

    Their CIO should be fired.
  • Fetching more discussions...
    Show 51 - 100 of 123 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.