Filter by Category

Are Your FTP Credentials Secure?

Do you know where your FTP credentials are?

FTP Security WormholeA security researcher named Chris Larson happened onto a curious website last September that had been serving some malicious-looking exe files.

While poking around, he wrote in his blog, "I came across an 'unlocked door' on the malicious Web site and took a look inside." Treading like an adventurer in Alice's wonderland, Larson discovered that this little doorway opened into a world of potential hurt for companies around the world.

There was a strange, oddly-sized GIF file that, with further poking, revealed a hidden payload. The GIF revealed four text files. Little by little, their contents spilled out, until finally it revealed a dark criminal archive. The files contained the login credentials of more than 100,000 FTP sites.

It was an unbelievable discovery, like a Russian nesting doll, that - when unpacked - opened a veritable wormhole to FTP sites around the world: Domain names, User IDs, and Passwords.

Nearly two thousand of these FTP credentials were the domain credentials from one particular site that claimed to Web-host nearly two hundred thousand separate FTP sites. Another file contained a hundred thousand credentials from a variety of unrelated individual sites. Using this archive of FTP credentials, the thief (or thieves) could penetrate, inspect, and selectively harvest the information contained within stored files that users had transferred between their workstations and their corporate computers.

How this archive was assembled and hidden demonstrates how the network of thieves profits and expands. Larson noticed a duplication of a small percentage of the FTP credentials. This seems to indicate that the archive was probably robotically created by a virus or Trojan.

Larson had discovered an actual retail operation that gathers FTP credentials, and then sells those credentials - like a retail mailing list -- throughout the underworld to anyone who can pay the price. The archive, in its hidden GIF packaging, appears to be the actual product. Such an archive would be valuable to identity thieves with its hidden payload. In this state, it was ready to be transmitted to other thieves, running beneath the radar of security network packet sniffers.

This begs the question: "Do you know where your company's FTP credentials are stored?" If your company is using a managed file transfer solution like GoAnywhere MFT, you already know the answer.

The best MFT suites manage the access to FTP, centralize the file transfer process, and secure the credentials that are communicated between hosts. By using a MFT suite, IT can institute rules by which file transfer credentials are organized, encrypt the transfers themselves, and log every transfer activity. User credentials to other servers are also centralized and secured, and the connection rules that your business partners use can be managed to ensure that user ids and passwords regularly updated.

Chris Larsen uncovered a secret world in which the doors to our systems - and our business partner's systems - are sold as simple commodities, available to anyone who can pay the price. It's like a toyshop where your company's FTP credentials are displayed like exotic dolls, nested within a GIF wrapping: a GIF that promises to keep on giving.

Isn't it time to do something about it?

 

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


What is Managed File Transfer (MFT)?

October 10, 2018

As companies recognize a need for a solution that meets their file transfer, automation, and encryption needs, the question often arises: what is managed file transfer and how is it different from my…


Why You Should Cluster Your File Transfer Systems

October 4, 2018

What’s the true cost of downtime for your organization? You may think of it in terms of lost revenue—according to studies released in the last couple years, the average cost of…


4 Healthcare Organizations that Use Managed File Transfer

September 28, 2018

Earlier this year, GoAnywhere covered five of the healthcare industry’s top cybersecurity concerns for 2018 and addressed how those risks could be mitigated. Now, almost ten months into the…


Which is Better: SFTP vs. FTPS?

September 24, 2018

How do you transfer sensitive files? Business requirements and security standards have increased in recent years across industries and continents, but many organizations have struggled to keep up.…


Tradeshow Recap: VMware 20th Anniversary, Secure File Transfers, and More at VMworld 2018

September 10, 2018

Dazzling booth displays and nerdy Star Wars swag. Informative training sessions. Demos for modern software and hardware. Drones. In-depth industry conversations. Coffee decorated with techy latte…