Author Topic: Prevx: FTP Reloaded - My Website has been hacked!  (Read 3114 times)

0 Members and 1 Guest are viewing this topic.

August 17, 2009, 09:12:09 am
Read 3114 times


  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335

As you might know if you have been following our blog, last month we blogged about a FTP password stealer thatís spreading in the wild here.

This infector managed to steal many credentials of many large companies, a total of nearly 90,000 logins were found. We worked with local and international law enforcement to get that site shut down and inform as many victims as we could.

Yesterday while roaming the dark depths of the web, Mike "Rambo" Johnson, one of our malware hunting rockstars, managed to find the latest incarnation of this threat.

On this occasion there is not much difference, itís an entirely new list of domains containing yet again, a bunch of new "big names" which we are in the process of notifying. Overnight the number of stolen credentials went from 624 to 4338.
Ruining the bad guy's day