Researchers last month stumbled across a server run by cybercriminals that contained 1.4 gigabytes of stolen business and personal data from 40 businesses around the world.
Finjan Software researchers found compromised data from patients and bank customers as well as business email messages and stolen Outlook accounts and messages on the Malaysia-based server, which has since been shut down. The server had been running for just three weeks before it was found by Finjan and the data was stolen from victims in the U.S., Germany, France, India, England, Spain, Canada, Italy, the Netherlands, and Turkey.
This was one busy server: Aside from gathering the data, the server was also a command and control server for the malware that ran on the infected PCs. The Command & Control applications on this Crimeserver enabled the hacker to manage the actions and performance of his Crimeware, giving him control over the uses of the Crimeware as well as its victims. Since the stolen data was left unprotected on the Crimeserver, without any access restrictions or encryption, the data were freely available for anyone on the Web, including criminal elements, the researchers wrote in a report posted today .
Some 5,388 different log files were found on the server, most of which were from Turkey, Germany, and the U.S. Finjan says it discovered the illicit server while running its real-time code inspection technology to diagnose customers Web traffic.
Kelly Jackson Higgins, Senior Editor, Dark Reading