SAN JOSE, California, May 6 /PRNewswire/ --
- In its Latest Malicious Page of the Month Report, Finjan Unveils Business and Personal Data Found in 5,388 Unique Log Files Hosted Unprotected on a Crimeserver Running a Command & Control Application
Finjan Inc., a leader in secure web gateway products, today announced its discovery of a server controlled by hackers (Crimeserver) containing more than 1.4 Gigabyte of business and personal data stolen from infected PCs. The data consisted of 5,388 unique log files. Both email communications and web-related data were among them.
The compromised data came from all around the world and contained information from individuals, businesses, as well as renowned organizations, including healthcare providers.
To illustrate the scope; the server contained among others 571 log files from the US, 621 from Germany (DE), 322 from France (FR), 308 from India (IN), 232 from Great Britain (GB), 150 from Spain (ES), 86 from Canada (CA), 58 from Italy (IT), 46 from the Netherlands (NL), and 1,037 from Turkey (TR).
Due to the sheer impact, Finjan followed its company guidelines and promptly notified over 40 major international financial institutions located in the US, Europe and India whose customers were compromised as well as various law enforcements around the world.
The report contains examples of compromised data that Finjan found on the Crimeserver, such as:
- Compromised patient data - Compromised bank customer data - Business- related email communications - Captured Outlook accounts containing email communication
Finjan's Malicious Code Research Center (MCRC) detected a Crimeserver which was used as a command and control for the Crimeware that was executed on infected PCs. This Crimeserver was also used as the "drop site" for private information being harvested by that Crimeware.
The Command & Control applications on this Crimeserver enabled the hacker to manage the actions and performance of his Crimeware, giving him control over the uses of the Crimeware as well as its victims.
Since the stolen data was left unprotected on the Crimeserver, without any access restrictions or encryption, the data were freely available for anyone on the web, including criminal elements.
"This report provides a unique example of the type and amount of data today's cybercriminals are collecting. Crimeware infected PCs are a serious business problem that requires proactive action since it is no longer just a technical IT problem. The existence of large amount of data on a server that hackers can easily manage and control shows the rapid evolution of cybercrime," said Yuval Ben-Itzhak, CTO of Finjan. "We entered a new era in which criminals just need to log into their "data supplier" and download any information suitable for them to conduct their crime - being it financial fraud, industrial espionage or identity theft."
According to Finjan, the fact that sensitive business and personal data in more than 5,000 cases were compromised in a timeframe of less than one calendar month indicates that the current numbers quoted in the industry reflect only the tip of the Cybercrime iceberg.
The compromised data and the Command and Control applications were detected using Finjan's patented active real-time code inspection technology while diagnosing users' web traffic.
The research is described in detail in Finjan's latest "Malicious Page of the Month" report released today.
To download the report, please visit http://www.finjan.com/mpom
Malicious Code Research Center (MCRC) is the leading research department at Finjan, dedicated to the research and detection of security vulnerabilities in Internet applications, as well as other popular programs. MCRC's goal is to stay steps ahead of hackers attempting to exploit open platforms and technologies to develop malicious code such as Spyware, Trojans, Phishing attacks, worms and viruses. MCRC shares its research efforts with many of the world's leading software vendors to help patch their security holes. MCRC is a driving force behind the development of next generation security technologies used in Finjan's proactive web security solutions. For more information, visit our MCRC subsite (http://www.finjan.com/SecurityLab.aspx?id=547).
Finjan is a global provider of web security solutions for the enterprise market. Our real-time, appliance-based web security solutions deliver the most effective shield against web-borne threats, freeing enterprises to harness the web for maximum commercial results. Finjan's real-time web security solutions utilize patented behavior-based technology to repel all types of threats arriving via the web, such as spyware, phishing, Trojans and obfuscated malicious code, securing businesses against unknown and emerging threats, as well as known malware. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including IDC, Butler Group, SC Magazine, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan's award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: http://www.finjan.com.
(c) Copyright 1996-2008. Finjan Software Inc. and its affiliates and subsidiaries. All rights reserved. All text and figures included in this publication are the exclusive property of Finjan and are for your personal and non-commercial use. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, use or sell any part of its content in any way without the express permission in writing from Finjan. Information in this document is subject to change without notice and does not present a commitment or representation on the part of Finjan. The Finjan technology and/or products and/or software described and/or referenced to in this material are protected by registered and/or pending patents including U.S. Patents No. 6092194, 6154844, 6167520, 6480962, 6209103, 6298446, 6353892, 6804780, 6922693, 6944822, 6993662, 6965968, 7058822, 7076469, 7155743, 7155744, 7185358 and may be protected by other U.S. Patents, foreign patents, or pending applications.
Finjan, Finjan logo, Vital Security, Vulnerability Anti.dote and Window-of-Vulnerability are trademarks or registered trademarks of Finjan Inc., and/or its affiliates and subsidiaries. All other trademarks are the trademarks of their respective owners.
Media Contacts: United States: Marina Greenwood, Activa PR, Tel: +1-415-776-5350, firstname.lastname@example.org; UK: Neil Stinchcombe, Eskenzi PR Ltd., Tel: +44(0)208-449-1007, email@example.com