Security researchers have found a treasure chest of FTP passwords, some from high profile sites, on an open cybercrime server.
Jacques Erasmus, CTO at security tools firm Prevx, stumbled across a site where a Trojan is uploading FTP login credentials captured from compromised machines. So far, Erasmus has found logins for ftp.bbc.co.uk, ftp.cisco.com, ftp.amazon.com, ftp.monster.com and, even security sites including ftp.mcafee.com and ftp.symantec.com along the extensive list of more than 68,000.
Other login credentials refer to the Bank of America, one of the few organisations PrevX has had time to notify directly at the time of writing.
Initial investigations suggest the logins were swiped during the last two weeks and that at least some remain valid.
Read more on The Register.