Brother
Professional
- Messages
- 2,590
- Reaction score
- 544
- Points
- 113
Companies leave their confidential files on the Internet, unknowingly making them available for download to anyone. According to Cyjax, employees of the companies upload confidential documents to free sites that offer services to scan files for malware, after which anyone can download these documents.
As a rule, scanning of documents (for example, e-mail attachments) on crawler sites is carried out in a protected sandbox. “These services allow anyone to download files, and then generate a report on what is happening when they are opened; then they pass a verdict on whether the file is malicious or legitimate. All selected (for research - ed.) Services have public channels and do not require payment for downloading or viewing publicly available materials, ”the researchers explained.
Passively monitoring the three services for three days, Cyjax specialists collected more than 200 documents. Basically, these were orders of goods and invoices, but in some cases even legal documents (including insurance, government, etc.) came across. By analyzing the invoices, the researchers were able to find out who used the service and obtain the contact details of the organization's employees responsible for purchasing.
