Multiple FTP servers owned by the U.S. government were accessed by a teen hacker

exploit
On Monday, a report surfaced claiming that a teen hacker using the alias “Fear” managed to gain access to hundreds of FTP servers owned by the U.S. government. The hacker initially gained access to one server, but then discovered that it listed the access credentials to all FTP servers residing on the .us and .gov domains. The .us servers include public data, private data, program source code, and more sensitive data, while the hacker wouldn’t say what’s loaded on the .gov sites.

FTP stands for file transfer protocol, and servers using this protocol are established to host files on local networks or via the internet. Users typically need a login name and password to gain access to content stored on these servers, which can be made public or set as private. Naturally, the government would keep its servers private, so it’s a bit scary to see that a teen managed to access one and grab the details of numerous others.

“It was very simple to gain access to the 1st box that listed all the .us domains, and their ftp server logins,” the unnamed hacker claims. “I went through each and every one, it was legit. I am pretty sure about every person who does security researching can do this, yes, it may have taken me about 3 hours or 4 hours of looking around, but it is still possible.”

The hacker also points out that the FTP sites used absolutely no encryption on their contents despite their sensitive nature. He discovered social security numbers, credit card numbers, and even web-based banking transactions made by the First Bank of Ohio. One file contained the postal addresses, email addresses, and phone numbers of candidates for the Minnesota school board as well.

According to the report, the teen hacker managed to grab credit card numbers from the First Bank of Ohio because the government has access to that particular bank. In turn, the bank stores the sensitive numbers across several SQL tables, which is a form of Excel-like data storage within a database. Moreover, one FTP server located within Florida wasn’t even password protected. It reportedly serves up one file with 267 million records, one file with 76 million records, another one with 400 million records, and more. Since then, that specific FTP server has now become password protected (even though that may be a case of closing the barn door after the data-rich cow has gotten out).

Ultimately, the teen managed to collect credit card numbers by the thousands, and social security numbers by the millions. He even grabbed the sensitive details of state employees including their telephone numbers, names, addresses, and government positions. Apparently, the FTP sites owned by the U.S. government depend on passwords with only five characters.

The teen hacker reportedly didn’t leave any backdoors to the FTP servers save for Florida, and that backdoor was removed Sunday night. Still, the whole situation is surprising given these servers are run by the U.S. government and a single teen managed to access them and grab sensitive data.

Just imagine the damage local hackers and international terrorists could deal to Americans by breaking into these servers … if they haven’t already.

After the report went live, the federal government shut down the main .us FTP server. The story is currently ongoing, so stay tuned.

Computing

Amazon and Nvidia bring artificial intelligence to the cloud with T4 GPUs

Nvidia announced the availability of new mainstream servers optimized to run the company's latest T4 GPUs with Turning architecture. Amazon jumped on board immediately, announcing that new AWS EC2 G4 instances will offer the technology.
Computing

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.
Computing

There’s more space on MySpace after ‘accidental’ wipe of 50 million songs

MySpace is no longer a safe refuge for music and media produced in the 2000s. It said that almost any artistic content uploaded to the site between 2003 and 2015 may have been lost as part of a server migration last year.
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Computing

Grab 1 terabyte of SSD storage for just $100 with this sale on Amazon

If you're looking for an excellent opportunity to pick up a 1TB SSD at a low price, Amazon has you covered with Samsung's 860 QVO 1TB 2.5-inch SATA III Internal SSD. It is an excellent offering for both multimedia enthusiasts and gamers.
Computing

The iMac finally got updated, but how does it compare to the Mac mini?

Apple announced a long-awaited update to the Mac mini. Thanks to the updated specs and increase in price, it's begun to creep up to the base model iMac. In this guide, we now put up the specs on the newest refreshed Mac mini against the…
Computing

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Computing

Great PC speakers don't need to break the bank. These are our favorites

Not sure which PC speakers work best with your computer? Here are the best computer speakers on the market, whether you're working with a tight budget or looking to rattle your workstation with top-of-the-line audio components.
Computing

Should you buy the affordable MacBook Air, or is the MacBook Pro worth the price?

Though they both share Retina Displays and similar keyboards, there are still some specs differences and other changes that differentiate the new 2018 MacBook Air and MacBook Pro. In this guide, we stack the two up against each other.
Computing

Changing a PDF into an EPUB file is easier than you might think

If you like to read on a tablet or ebook reader, you'll find that ePUB files offer a number of advantages over PDFs. With this guide, we'll show you how to convert a PDF to EPUB in a few quick steps.
Computing

Confused about RSS? Don't be. Here's what it is and how to use it

What is an RSS feed, anyway? This traditional method of following online news is still plenty useful. Let's take a look at what RSS means, and what advantages it has in today's busy world.
Computing

Here are the best affordable monitors for your budget desktop

Looking for the best budget monitors? These monitors are affordable, but still provide the features you need for gaming, work, home or other plans! Take a look at the displays and your wallet will thank you.
Computing

This limited-time Dell deal cuts $330 off the price of the XPS 15

Dell is currently running a limited-time sale that is cutting the pricing on the XPS 15 down by $330, but only through Thursday, March 21, and with the use of a special coupon code.