Massive hacker server discovered

Share this article:
Security researchers recently found a server being used to harvest private information consisting of stolen data from 40 international businesses, as well as health-related information on patients worldwide.

What's more, the stolen data contained no access restrictions or encryption, leaving it unprotected and available to anyone on the web

“The fact that the information was wide open indicates that whoever was behind this had no security background and was not a sophisticated hacker,” Yuval Ben-Itzhak, chief technology officer of security firm Finjan, which made the discovery, told SCMagazineUS on Tuesday. “He was probably using a malware toolkit he purchased.”

According to a report from Finjan, the server was located in Malaysia but contained data from all around the world, including North America, Europe and Asia. The server was up only three weeks, but was able to collect 1.4 GB of data. The compromised data was detected using active real-time code inspection technology while diagnosing a user's web traffic.

The Finjan report, available here, contains examples of compromised data such as bank customer data, email communications and patient data.

Ben-Itzhak told that the server was shut down two days after the find was reported. However, the criminal behind it has not been found. The server contained 5,388 unique log files traced back to 5,878 distinct IP addresses.

Alarming too was that some of the data was health related. The exposure of the data, which must be protected under Health Insurance Portability and Accountability Act guidelines, to criminal elements compromises not only the patient, but also the medical institution/health care provider involved, as well as employees of the institution, Ben-Itzhak said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Ground system for weather satellites contains thousands of 'high-risk' bugs

Ground system for weather satellites contains thousands of ...

An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system ...

Threat report on Swedish firms shows 93 percent were breached

The study by KPMG and FireEye also found that 49 percent of detected malware was unknown.

Former acting HHS cyber director convicted on child porn charges

Former acting HHS cyber director convicted on child ...

Timothy DeFoggi, who was nabbed by the FBI last year in its Operation Torpedo investigation was convicted by federal jury in Nebraska.