Finjan finds illegal database with more than 8,700 stolen FTP credentials

This article should be a good reminder why we all need to change our passwords frequently, especially if running remote services. Full article can be found here.

A fresh discovery by security vendor Finjan provides yet another example of how easy it is becoming for almost anyone to find the tools needed to break into, infect, or steal data from corporate Web sites. The vendor announced Wednesday that it has uncovered an illegal database containing more than 8,700 stolen FTP server credentials including user name, password, and server addresses. Anyone can purchase those credentials and use them to launch malicious attacks against the compromised systems. The stolen credentials belong to companies from around the world and include more than 2,500 North American companies, some of whose Web sites are among the world’s top 100 domains, according to Finjan’s CTO. The FTP credentials would allow someone with malicious intent to break into and upload malware to a compromised server with a click or two, he said. “You could pick any server you wanted in the list, pay for it,” and launch an attack with very little effort. A trading interface on the server hosting the illegal database allows purchasers to buy FTP server credentials based on the country in which the servers are located, or even by the Google ranking of the Web sites, he said. It also appears designed to give criminals looking to resell FTP credentials a better basis for pricing the stolen data, he said.