Massive hacker server discovered

Share this article:
Security researchers recently found a server being used to harvest private information consisting of stolen data from 40 international businesses, as well as health-related information on patients worldwide.

What's more, the stolen data contained no access restrictions or encryption, leaving it unprotected and available to anyone on the web

“The fact that the information was wide open indicates that whoever was behind this had no security background and was not a sophisticated hacker,” Yuval Ben-Itzhak, chief technology officer of security firm Finjan, which made the discovery, told SCMagazineUS on Tuesday. “He was probably using a malware toolkit he purchased.”

According to a report from Finjan, the server was located in Malaysia but contained data from all around the world, including North America, Europe and Asia. The server was up only three weeks, but was able to collect 1.4 GB of data. The compromised data was detected using active real-time code inspection technology while diagnosing a user's web traffic.

The Finjan report, available here, contains examples of compromised data such as bank customer data, email communications and patient data.

Ben-Itzhak told SCMagazineUS.com that the server was shut down two days after the find was reported. However, the criminal behind it has not been found. The server contained 5,388 unique log files traced back to 5,878 distinct IP addresses.

Alarming too was that some of the data was health related. The exposure of the data, which must be protected under Health Insurance Portability and Accountability Act guidelines, to criminal elements compromises not only the patient, but also the medical institution/health care provider involved, as well as employees of the institution, Ben-Itzhak said.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.