Huge Pool of Compromised Web Site Credentials Discovered
With the apparent return of the hacking tool Neosploit even more disturbing news surfaced today with the announcement of the discovery of admin log-in credientials for more than 200,000 web sites. The pool of data was found on a server belonging to a long-time Neosploit customer and looks to be the work of three different criminal groups. The credentials were used to modify 80,000 sites to serve up malicious code to visitors whose Windows systems were not fully patched. The researcher would only name one compromised site - the U.S. Postal Service - but other site were said to include governments, universities, Fortune 500 companies and even several weapons manufacturing firms. Over half of the sites were those of European entities.