Prevent malware uploads via stolen passwords with BitNinja

Have you ever wondered what BitNinja can do if an account on your server has been stolen or someone gets access via a hacked SSH?  Perhaps some customers store their passwords on a sticky note, or, for example, an account has been purchased to gain access to the server to infect it with malware.

Users are always the weakest points in any system’s defence; that is the one vulnerability even BitNinja cannot patch.

But that does not mean hackers can do any harm with a stolen password. The malicious requests will be blocked and the source IP address of the request will be greylisted, (as you can see on the picture above) even if the hacker is logged into a seemingly valid, but in fact stolen, account.

BitNinja disregards the account and only observes it if the requests from the IP address trigger any BitNinja rules. If there is a malware upload from an IP address that matches one of the tens of thousands of malware signatures, then the malware will be quarantined and the uploader’s IP address will be greylisted. With BitNinja your server security is like a fortress!

In summary, even if hackers purchase or steal a password, or compromise an account on the server, BitNinja still won’t let them perform any kind of cyberattack, inject a code or do any harm at all.