Cybercrime server with 500 Mb of personal data discovered

A server controlled by hackers (Crimeserver) containing more than 500 Mb of premium data has been discovered by Finjan, Inc. The data included health care and business related data, as well as personal identifiable information (stolen Social Security Numbers). This data is part of the premium offering that the cybercriminals operating the Crimeservers were selling to the highest bidder online. The compromised data came from all around the world and contained information from individuals, businesses, airlines, and health care providers. Finjan’s report contains examples of compromised data that Finjan found on the Crimeserver, such as:

• Compromised medical related data of hospitals and publicly owned health care providers
• Compromised business related data of a U.S. airline carrier
• Identity theft (stolen Social Security Numbers)

Finjan’s Malicious Code Research Center (MCRC) detected a Crimeserver operated by cyber criminals who used campaigns to steal data. These campaigns consisted of sophisticated attacks, incorporating Crimeware toolkits, Trojans, and Command and Control (C&C) servers to drive traffic from a specific region, with specific characteristics. According to Finjan, the fact that sensitive business, patient, and personal data were compromised in a timeframe of less than one calendar month underscores the necessity for enterprises and organizations to have a comprehensive security technology in place that provides effective protection against these sophisticated threats.

The company says that compromised data and the Crimeserver applications were detected using Finjan’s patented active real-time code inspection technology while diagnosing users’ Web traffic. The research is described in detail in Finjan’s latest “Malicious Page of the Month” report released yesterday.