Massive hacker server discovered

Share this article:
Security researchers recently found a server being used to harvest private information consisting of stolen data from 40 international businesses, as well as health-related information on patients worldwide.

What's more, the stolen data contained no access restrictions or encryption, leaving it unprotected and available to anyone on the web

“The fact that the information was wide open indicates that whoever was behind this had no security background and was not a sophisticated hacker,” Yuval Ben-Itzhak, chief technology officer of security firm Finjan, which made the discovery, told SCMagazineUS on Tuesday. “He was probably using a malware toolkit he purchased.”

According to a report from Finjan, the server was located in Malaysia but contained data from all around the world, including North America, Europe and Asia. The server was up only three weeks, but was able to collect 1.4 GB of data. The compromised data was detected using active real-time code inspection technology while diagnosing a user's web traffic.

The Finjan report, available here, contains examples of compromised data such as bank customer data, email communications and patient data.

Ben-Itzhak told SCMagazineUS.com that the server was shut down two days after the find was reported. However, the criminal behind it has not been found. The server contained 5,388 unique log files traced back to 5,878 distinct IP addresses.

Alarming too was that some of the data was health related. The exposure of the data, which must be protected under Health Insurance Portability and Accountability Act guidelines, to criminal elements compromises not only the patient, but also the medical institution/health care provider involved, as well as employees of the institution, Ben-Itzhak said.


Share this article:

Sign up to our newsletters

More in News

Apple's iOS 7.1.1 fixes Webkit bugs, encryption bypass issue

Released Tuesday, the update prevents exploit via "triple handshake" attacks, which could allow a bypass of encryption safeguards.

'Unauthorized' media contact a fireable offense for U.S. intel employees

The new media policy states that U.S. intelligence employees who have "unauthorized" contact with the media could lose their jobs.

AOL Mail hack furthers spam campaign using spoofed accounts

AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.