Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Beware: FileZilla Doesn’t Protect Your Passwords

01 Sep 09   Filed in Tips and Tricks with 39 Comments

2009 is the year of malware attacks that use stolen FTP credentials to infect legitimate web sites. Hundreds of thousands websites have been hacked this way and suffered from hidden iframe injections, Gumblar, redirections to bogus anti-virus sites, etc.

The success of those attacks is based on the fact that a significant percentage of web surfer are webmasters and site owners themselves. Once a computer of a site owner is infected, malware can steal his/her FTP credentials and use them to make the site distribute malware to unsuspecting visitors, who, in turn, may also be site owners.  As a result, we see rapid growth in number of compromised websites.

There are quite a few hypotheses about how cibercriminals steal the credentials: traffic sniffing, using keyloggers, etc. But the most viable is that trojans simply extract everything they need from configuration files of popular FTP programs.  Let me show how easy it can be done.
Continue »»


Tags:
sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:  RSS   Email   Twitter   G+
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
advertisement

Has your website been hacked?

We're here to help you get back up and running with minimal downtime!

Call us now at 1-800-639-6442

www.HackRepair.com
sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes