Trojan Stealing Amazon, Symantec FTP Info

[exfileme]

A trojan is collecting FTP information from popular websites such as Amazon, the BBC, Symantec, and more.

Trojan Stealing Amazon, Symantec FTP Info : Read more

 

[Hanin33]

security by obscurity only protects the company's interest... not the consumers they deal with. these companies should be outed so that, at least the some what intelligent, consumers can decide if they want to continue dealing with the company or not.

 

[eddieroolz]

An antimalware company gets its FTP info stolen by a malware. Oh, the irony.

 

[jhansonxi]

[citation][nom]eddieroolz[/nom]An antimalware company gets its FTP info stolen by a malware. Oh, the irony.[/citation]They didn't "steal" the info. They just made up their own license to "use" the info.

 

[Guest]

We've also seen numerous cases of PCs infected with a virus that sniffs the outbout FTP traffic. Since FTP transfers all data, including usernames and passwords in plain text, this virus captures that data along with the IP address, sends it to a server in the UK and then carries out it's website infection injection attack.

We've been recommending that people use either SFTP or FTPS since these 2 protocols encrypt all their data making sniffing much more difficult (some say impossible). If your website is on a *nix box, SFTP is easy as you can use WinSCP and do FTP over SSH. If you're on a Windows box, you'll have to ask your hosting provider about FTPS.