What Is Eugifts2.space? Eugifts2.space and also various other undesirable websites might begin turning up on…
As it became known now, according to the FTC, the attacker took advantage of a vulnerability on the InfoTrax Systems website to download malicious code that allowed him to remotely control not only the company’s website, but also the infrastructure of neighboring servers.
“What is worseorse, the attacker has been in contact with InfoTrax servers for almost two years, from May 2014 to March 2016. During this time, he contacted the company’s network at least 17 times”, – reports FTC.
InfoTrax Systems employees failed to notice the intrusion. FTC representatives write that the company simply did not have the proper security systems and solutions to detect unauthorized access and file changes. Hacking became known almost by accident: on March 7, 2016, one of the servers almost ran out of disk space, which the company learned from an automatic message.
Read also: Ransomware attacked a major ASP.NET provider
As it turned out, collecting data from InfoTrax Systems servers, an unknown attacker created an archive file that became so large that the disk almost ran out of space.
“In total, the cracker stole about a million user records from a number of InfoTrax Systems customers. At that time, the company’s servers hosted a total of approximately 11.8 million users, and they were stored openly”, – reports FTC.
As a result, the criminals ended up with social security numbers, information about payment cards and bank accounts, as well as usernames and their passwords.
This week, representatives of the Federal Trade Commission and InfoTrax Systems finally agreed. The company was obliged to introduce certain security measures, including: inventorying and deleting personal information of users when it is no longer needed; regularly check the code of their software and test theirr network; detect malware boots; actively segment the network and implement tools to protect against attacks and to detect unusual activity.
Chernars.com is a domain that tries to force you into subscribing to its browser notifications…
Eclipse-adblocker.pro is a site that tries to trick you into clik to its browser notifications…
Initiateadvancedcompletelythe-file.top is a site that tries to force you into subscribing to its browser notifications…
Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…
Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…
Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…