NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0423 Crimeware Package Infects FTP Servers:
File Transfer Protocol (FTP) technology is being used to serve up bot malware as well as to
function as a backdoor into some enterprises that neglect to lock down their FTP servers.
Researchers at F-Secure have spotted a new wave of exploits that use FTP, rather than a
malicious URL or the conspicuous email attachment to deliver their malware payloads. The
chief research officer for F-Secure stated SMTP and HTTP are much better filtered for
malware; however, FTP might be the best transport protocol for a virus writer.
Last month, researchers at Finjan - a global provider of web security solutions - stumbled
onto a cache of stolen FTP server credentials that put nearly 9,000 FTP servers at major
global companies at risk, demonstrating how widespread the FTP technology remains at many
organizations.
Cybercriminals were selling a new crimeware package that would automatically infect those
FTP servers, some of which were from the world's top 100 domains.
(Darkreading.com 11MAR08)