Security Firm brings down Hacker Server; recovers thousands of log files

Finjan revealed that it discovered a server controlled by hackers otherwise known as a Crimeserver containing more than 1.4 Gigabyte of business and personal data stolen from infected PCs.

The data consisted of 5,388 unique log files. Both email communications and web-related data were among them.

The compromised data came from all around the world and contained information from individuals, businesses, as well as renowned organizations, including healthcare providers.

Finjan has already notified over 40 major international financial institutions located in the US, Europe and India whose customers were compromised as well as various law enforcements around the world.

The report contains examples of compromised data that Finjan found on the Crimeserver, such as Compromised patient data, Compromised bank customer data, Business- related email communications as well as Captured Outlook accounts containing email communication.

Finjan’s Malicious Code Research Center (MCRC) detected a Crimeserver which was used as a command and control for the Crimeware that was executed on infected PCs.

This Crimeserver was also used as the “drop site” for private information being harvested by that Crimeware.

The Command & Control applications on this Crimeserver enabled the hacker to manage the actions and performance of his Crimeware, giving him control over the uses of the Crimeware as well as its victims.

Since the stolen data was left unprotected on the Crimeserver, without any access restrictions or encryption, the data were freely available for anyone on the web, including criminal elements.

According to Finjan, the fact that sensitive business and personal data in more than 5,000 cases were compromised in a timeframe of less than one calendar month indicates that the current numbers quoted in the industry reflect only the tip of the Cybercrime iceberg.