Thousands of FTP Sites Hacked, Infected with Malware

Hold Security is warning that hackers have compromised more than 7,000 FTP sites in order to plant malware or to compromise connected Web services.

“Hackers planted PHP scripts armed with backdoors (shells) and viruses in multiple directories hoping that these directories map to Web servers of the victim companies to gain control of the Web services,” the company explained. “They also uploaded HTML files with seamless redirects to malicious sites.”

The company says the sites were compromised using a wide range of different methods, including the use of stolen, publicized and default credentials.

“We urge companies to re-examine their FTP implementations to minimize possible credential abuse, malware uploads, and possible interconnectivity to other services, especially Web,” Hold Security stated.

PCWorld’s Jeremy Kirk reports that the hackers have been circulating the list of credentials on underground forums, and that FTP servers run by The New York Times and UNICEF were among those affected.

Jeff Goldman
Jeff Goldman
Jeff Goldman is an eSecurity Planet contributor.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. After carefully surveying the...

Top Endpoint Detection & Response (EDR) Solutions for 2021

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top Next-Generation Firewall (NGFW) Vendors

Cybersecurity is getting more complicated, and so are security products. NGFWs are no exception, and IoT devices and the work-from-home craze that began in...

Related articles