Beware if you are using Filezilla

IT.com
I love filezilla, but what happened this month will make me to rethink if I need another ftp program. I am using filezilla 3.1.3.1 client on my PC. Suddenly one good day when I tried to access one of my website,Firefox gave warning as "Reported attack page". When you see this type of issue with your webpage your heartbeat increases.It means youe Web server is hacked!!

I have posted my horror story at

Visible Blog: Filezilla Security Issues - Hackers are exploiting it
 
your computer was infected with trojan 'Gumblar' so it happened, the problem doesn't seem to be coming from filezilla itself as i too happen to download its latest version few days back and everything works superb, if you have trojan problem in windows then first buy Original Windows CD not pirated or copied one and when even that doesnt work, just start using linux instead it wont get affected by viruses and trojans as much as windows pc's.
correct me if im wrong!
 
This is wrong to make assumptions without asking first.I am using licensed windows xp with antivirus on it. I do admit that antivirus did fail.But why save password in cleartext.Also, to let you know the server was uploaded files from numerous ip.SO I hope all were infected.Just why not put a gate.
Here are list of IP from where files were uploaded on my server.[see attachment]
Also, windows is installed on 95% of personal computer.SO why open door for hackers on 95% of computer.
 

Attachments

  • ftplog.txt
    10.2 KB · Views: 5
  • ftplog.txt
    10.2 KB · Views: 5
Since it's open source it's open season for hackers. I think it is better now, but you right a year or two ago it was spyware.
 
LOL's yeah filezilla is a 'old school' lazy way of getting passwords etc
same as wsftp.
for a laugh do a gaagle for
[dir] parent directory index of /backup

for .Net SQL pwd
[dir] parent directory index of /App_Code
[dir] parent directory index of /App_Data

you can also get the web.config files
 

whois



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
29,388
Messages
76,792
Members
7,945
Latest member
nilamburfurniture
Top Bottom