Cyber-crime goes SaaS
- Reduce text size Decrease text size
- Increase text size Increase text size
- Print article Print
- Jump to comments Comment
- Share this article Share
- Email article to a friend Email
On-demand application for identity thieves emerges
Security vendor Finjan has identified a website that allows users to access the secure .FTP sites of 8,700 organisations – including Fortune 500 companies and high profile websites – and inject malicious code with a few clicks of the mouse.
Along with the usernames and passwords for numerous FTP sites, visitors to the site were granted remote online access to an application called NeoSploit. This can inject a number of Trojans and other malicious code into a website’s underlying code, using so-called iframes.
The site has been compared to legitimate software-as-a-service applications such as Salesforce.com in its design and modus operandi. The discovery illustrates the ease with which systems can now be compromised in order to steal identity information.
Authorities in
Further reading
Anti-virus vendors: Fighting a losing battle Anti-virus vendors are struggling to keep up with the new methods of propagating malware
Securing the future
Central identity management systems are now a chief priority, but biometric technologies continue to disappointFind more stories in the Security & Continuity Briefing Room
