Comments on: 10 FTP Clients Malware Steals Credentials From

By: Is Your WordPress Website Distributing Malware in Google Image Search? | WordPress News at WPMU.org

Tue, 10 May 2011 13:44:24 +0000

[...] Your FTP password is not safe sitting around in FileZilla or any number of other FTP programs. In FileZilla, for example, password are stored as plain text. This makes them accessible by any malware that is running on your computer. You could try a secure FTP program like WinSCP. [...]

By: Leonardo Musumeci » Blog Archive » Programmi inutilizzati – minacce reali

Sat, 16 Apr 2011 09:19:23 +0000

[...] li ho indirizzati al mio post, dove avevo descritto come il malware rubasse le password e tutti i dettagli dei login memorizzati nei 10 client FTP più popolari (es. Filezilla, CuteFTP, [...]

By: Mike

Mike — Fri, 20 Aug 2010 11:13:46 +0000

You may add SPEEDCOMMANDER to the list.
I used that soft for FTP and store some passwords in it – exactly these sites got hacked two days ago….
The Trojan stealing the info from my PC was Agent.biiu , which seems to have a good system to hide against Avira….

By: Sere

Sere — Tue, 27 Jul 2010 21:02:19 +0000

Wow, good to know! When transferring confidential data, you really should be using a managed file transfer software instead of P2P or FTP. Thanks!

By: Austin

Austin — Wed, 21 Jul 2010 18:37:08 +0000

Thank you Tom……..This is what I thought, but too many posts lead you to belive that simply switching to secure ftp solves the problem.

By: Tiborlil

Tiborlil — Fri, 11 Jun 2010 22:58:36 +0000

We had 22 websites hacked a couple days ago… Some of them were not backed up. Thank you SmartFTP, and goobye (your queuing system sucks anyway). Thanks to Text Workbench we managed to delete the injected js in all html, php and js files ; and re-uploaded using filezilla. Unfortunately it crashed a couple times – does not like huge amounts of data- so I ended here. I’m trying WS FTP from ipswitch, apparently they have a secure encryption built in. Without support it’s not that expensive (just a tad more than smartftp).

By: SiriuS

SiriuS — Wed, 06 Jan 2010 10:21:58 +0000

Total Commander 7.50 uses Master password to encode its FTP passwords.

By: Malware suite et fin « Documentation Mainframe

Malware suite et fin « Documentation Mainframe — Sun, 27 Dec 2009 23:55:04 +0000

[...] Merci aux sympathiques twittos qui m’ont conseillés sur twitter, au final j’ai fait une réinstalle de mon OS, un scan complet, modifié mon password FTP et maintenant je ne conserve plus en mémoire mes identifiants/password dans mon client FTP, en effet ils sont lisibles en dur dans un fichier XML, je ne le savais pas, le malware si! Lire à ce sujet cet article très intéressant. [...]

By: Juan

Juan — Wed, 18 Nov 2009 20:22:44 +0000

I’m using WinSCP, it encrypts stored sessions by using a master password. Much more secure than Filezilla.

By: Sobre malwares, clientes FTP y Google at Webnova – Recursos Webmaster

Sobre malwares, clientes FTP y Google at Webnova – Recursos Webmaster — Mon, 16 Nov 2009 14:40:46 +0000

[...] que alguien tenía los datos de mis conexiones. Sigo investigando y el problema radica en que los perfiles de cuentas o credenciales de los clientes FTP son perfectamente "robables". O sea hay troyanos que se instalan en tu PC y que envían toda esta información de [...]