Here’s some hackers auctioning off FTP passwords of top 100 sites on Alexa.
The software uses an eBay-like trading interface to qualify the stolen accounts in terms of the country where the server is located and the Google page ranking of the compromised server. Cybercriminals use the information to set a price for the compromised FTP credentials so they can be resold to other cybercriminals or adjust an attack on more prominent sites. The software also allows cybercriminals to use the FTP credentials to automatically inject HTML IFrame tags into Web pages on the compromised server.
