Hackers circulate FTP credentials for NYT and other big sites

Next Story

Deadly drinking game goes viral

Hackers are circulating credentials for FTP sites that include the New York Times and other organizations. These credentials are being offered for sale and some posted freely on forums and “hacker groups” around the Internet.

More than 7,000 FTP (file transfer protocol) sites are circulating, an analyst at Hold Security in Wisconsin says. The company monitors cyber-attacks and underground operations for hackers. It is responsible for noting the large data breaches at Target and Adobe Systems.

Black hat hackers are using the information to upload files to servers for unknown reasons. They could be planting software for use in distributed attacks, to gain further access into systems and networks, or to change website or other data.

The NYT says that they are taking steps to mitigate the attacks and close down the compromised servers and accounts, but did not elaborate any more.

Another organization on the list is UNICEF as well as several well-known Fortune 500 and other companies. Of the 7,000 credentials given, Hold Security says that many work, but most are either useless (do not allow file insertion) or no longer accessible.

So far, the perpetrators responsible for getting the FTP accounts is not known. They likely gained access to the FTP credentials through malware installed on worker’s computers at various organizations, key logging logins or similar. The list shows that many of the passwords are complex and not likely to have been gained through brute force guesswork.

Some of the files being uploaded to servers through the hacked credentials are .html files, which could be accessible to any Web browser and thus be used to spread more malware.


TORK a brand of NSi Industries, LLC Memory Module Programmer with Software picture
TORK a brand of NSi Industries, LLC Memory Module Programmer with Software
TMS4030JL TMS4030 TI MEMORY RAM NMOS 4K BITS PER WORD picture
TMS4030JL TMS4030 TI MEMORY RAM NMOS 4K BITS PER WORD
Banner MM-11 Memory Module 120VAC Gently Used picture
Banner MM-11 Memory Module 120VAC Gently Used
10-PCS MEMORY IC RC28F320J3D-75 119-PIN PBGA INTEL 28F320J3D75 RC28F320J3D75 picture
10-PCS MEMORY IC RC28F320J3D-75 119-PIN PBGA INTEL 28F320J3D75 RC28F320J3D75
30-PCS MEMORY IC FM24CL04-S RAMTRON 24CL04 FM24CL04S picture
30-PCS MEMORY IC FM24CL04-S RAMTRON 24CL04 FM24CL04S