Security firm unveils personal data in 5,388 unique log files hosted unprotected on a Crimeserver

A server has been discovered controlled by hackers (crimeserver) containing more than 1.4 gigabytes of business and personal data stolen from infected PCs, announced Finjan. The data consisted of 5,388 unique log files.

Finjan notified over 40 major international financial institutions located in the US, Europe and India whose customers were compromised as well as various law enforcers around the world.

Finjan’s Malicious Code Research Center (MCRC) detected a crimeserver which was used as a command and control for the crimeware that was executed on infected PCs. This crimeserver was also used as the ‘drop site’ for private information being harvested by that crimeware.

said Yuval Ben-Itzhak, CTO of Finjan.

‘This report provides a unique example of the type and amount of data today’s cybercriminals are collecting. Crimeware infected PCs are a serious business problem that requires proactive action since it is no longer just a technical IT problem.The existence of large amount of data on a server that hackers can easily manage and control shows the rapid evolution of cybercrime.’

“We entered a new era in which criminals just need to log into their “data supplier” and download any information suitable for them to conduct their crime – being it financial fraud, industrial espionage or identity theft.”

According to Finjan, the fact that this amount of sensitive business and personal data has been compromised indicates that the current numbers quoted in the industry reflect only the tip of the cybercrime iceberg.