Hackers circulate FTP credentials for NYT and other big sites

Next Story

Deadly drinking game goes viral

Hackers are circulating credentials for FTP sites that include the New York Times and other organizations. These credentials are being offered for sale and some posted freely on forums and “hacker groups” around the Internet.

More than 7,000 FTP (file transfer protocol) sites are circulating, an analyst at Hold Security in Wisconsin says. The company monitors cyber-attacks and underground operations for hackers. It is responsible for noting the large data breaches at Target and Adobe Systems.

Black hat hackers are using the information to upload files to servers for unknown reasons. They could be planting software for use in distributed attacks, to gain further access into systems and networks, or to change website or other data.

The NYT says that they are taking steps to mitigate the attacks and close down the compromised servers and accounts, but did not elaborate any more.

Another organization on the list is UNICEF as well as several well-known Fortune 500 and other companies. Of the 7,000 credentials given, Hold Security says that many work, but most are either useless (do not allow file insertion) or no longer accessible.

So far, the perpetrators responsible for getting the FTP accounts is not known. They likely gained access to the FTP credentials through malware installed on worker’s computers at various organizations, key logging logins or similar. The list shows that many of the passwords are complex and not likely to have been gained through brute force guesswork.

Some of the files being uploaded to servers through the hacked credentials are .html files, which could be accessible to any Web browser and thus be used to spread more malware.


Trenton 92-506633-XXX CPU Board w/2*Xeon SLAEJ 2.33Ghz/4GB RAM picture
Trenton 92-506633-XXX CPU Board w/2*Xeon SLAEJ 2.33Ghz/4GB RAM
NEW LOT 2 INTEL 80526KZ1000256 MICROPROCESSOR PENTIUM III XEON 1000/133/256 ,EE picture
NEW LOT 2 INTEL 80526KZ1000256 MICROPROCESSOR PENTIUM III XEON 1000/133/256 ,EE
Socket LGA 1366 CPU Tray for Intel Core i7 & Xeon Processors Qty 4 Fits 40 CPU's picture
Socket LGA 1366 CPU Tray for Intel Core i7 & Xeon Processors Qty 4 Fits 40 CPU's
Supermicro SBI-7226T-T2 Twin Intel Xeon 5500 Blade Module SBI7226TT2 picture
Supermicro SBI-7226T-T2 Twin Intel Xeon 5500 Blade Module SBI7226TT2
LOT OF 2 INTEL XEON SLACB CPU/MICROPROCESSORS E5310 picture
LOT OF 2 INTEL XEON SLACB CPU/MICROPROCESSORS E5310