[ISN] Windows servers hacked at The Hartford insurance company

From: InfoSec News <alerts_at_private>
Date: Thu, 7 Apr 2011 02:17:52 -0500 (CDT)
http://www.computerworld.com/s/article/9215582/Windows_servers_hacked_at_The_Hartford_insurance_company

By Robert McMillan
IDG News Service
April 6, 2011

Hackers have broken into The Hartford insurance company and installed 
password-stealing programs on several of the company's Windows servers.

In a warning letter sent last month to about 300 employees, contractors, 
and a handful of customers, the company said it discovered the infection 
in late February. Several servers were hit, including Citrix servers 
used by employees for remote access to IT systems. A copy of The 
Hartford's letter was posted earlier this week to the website of the 
Office of the New Hampshire Attorney General.

"It was a very small incident," said Debora Raymond, a company 
spokeswoman. The victims were mostly company employees. Less than 10 
customers were affected by the malware, the W32-Qakbot Trojan, she said.

Qakbot has been around for about two years. Once installed it spreads 
from computer to computer in the network, taking steps to cover its 
tracks as it logs sensitive data and opens up back doors for the hackers 
to access the network.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Thu Apr 07 2011 - 00:17:52 PDT

This archive was generated by hypermail 2.2.0 : Thu Apr 07 2011 - 00:23:44 PDT