Filter by Category

Are Your FTP Credentials Secure?

Do you know where your FTP credentials are?

FTP Security WormholeA security researcher named Chris Larson happened onto a curious website last September that had been serving some malicious-looking exe files.

While poking around, he wrote in his blog, "I came across an 'unlocked door' on the malicious Web site and took a look inside." Treading like an adventurer in Alice's wonderland, Larson discovered that this little doorway opened into a world of potential hurt for companies around the world.

There was a strange, oddly-sized GIF file that, with further poking, revealed a hidden payload. The GIF revealed four text files. Little by little, their contents spilled out, until finally it revealed a dark criminal archive. The files contained the login credentials of more than 100,000 FTP sites.

It was an unbelievable discovery, like a Russian nesting doll, that - when unpacked - opened a veritable wormhole to FTP sites around the world: Domain names, User IDs, and Passwords.

Nearly two thousand of these FTP credentials were the domain credentials from one particular site that claimed to Web-host nearly two hundred thousand separate FTP sites. Another file contained a hundred thousand credentials from a variety of unrelated individual sites. Using this archive of FTP credentials, the thief (or thieves) could penetrate, inspect, and selectively harvest the information contained within stored files that users had transferred between their workstations and their corporate computers.

How this archive was assembled and hidden demonstrates how the network of thieves profits and expands. Larson noticed a duplication of a small percentage of the FTP credentials. This seems to indicate that the archive was probably robotically created by a virus or Trojan.

Larson had discovered an actual retail operation that gathers FTP credentials, and then sells those credentials - like a retail mailing list -- throughout the underworld to anyone who can pay the price. The archive, in its hidden GIF packaging, appears to be the actual product. Such an archive would be valuable to identity thieves with its hidden payload. In this state, it was ready to be transmitted to other thieves, running beneath the radar of security network packet sniffers.

This begs the question: "Do you know where your company's FTP credentials are stored?" If your company is using a managed file transfer solution like GoAnywhere MFT, you already know the answer.

The best MFT suites manage the access to FTP, centralize the file transfer process, and secure the credentials that are communicated between hosts. By using a MFT suite, IT can institute rules by which file transfer credentials are organized, encrypt the transfers themselves, and log every transfer activity. User credentials to other servers are also centralized and secured, and the connection rules that your business partners use can be managed to ensure that user ids and passwords regularly updated.

Chris Larsen uncovered a secret world in which the doors to our systems - and our business partner's systems - are sold as simple commodities, available to anyone who can pay the price. It's like a toyshop where your company's FTP credentials are displayed like exotic dolls, nested within a GIF wrapping: a GIF that promises to keep on giving.

Isn't it time to do something about it?

Are you looking for a user-friendly application for secure FTP and Enterprise File Sync & Sharing (EFSS)? Consider looking into our free license.

Latest Posts


Ransomware Attacks on Small Businesses: How to Mitigate

July 21, 2021

Small businesses are just as vulnerable as large enterprises to cyberthreats and ransomware attacks. Robust security defense strategies, including MFT, can help.


What is Extreme File Transfer, and How does it help organizations move large files more efficiently?

July 20, 2021

Learn what extreme file transfer (XFT) is and what it can do for your organization.


This Month in Cybersecurity

July 20, 2021

Ready to learn more about how to protect your organization from cybersecurity threats? Learn what’s new in the world of cybersecurity as well as how you can continue to implement preventative cybersecurity practices.


How Managed File Transfer Supports SWIFT Compliance

July 15, 2021

Any organization that handles sensitive financial data knows that secure transfers are essential to data security. Discover how a secure file transfer solution can support and enhance your SWIFT usage.


GDPR and its Relationship with Healthcare

July 13, 2021

GDPR establishes protections for the security of sensitive data for individuals in the EU. Read our blog to learn more about GDPR and how it impacts the healthcare industry.