botg wrote: Ah Gumblar. In case you don't know, Gumblar actually sniffs FTP passwords from the network interface.
Also, the attack vector Gumblar uses to infect your machine in the first place is through Acrobat Reader.
No wonder people get infected if they keep using products by a company known for a track record of bad security vulnerabilities. Uninstall all Adobe products and you'll likely never get an infection at all!
If it's not Acrobat Reader it is going to be something else. I have had my FileZilla passwords stolen once, although I follow standard security practices (antivirus, antimalware, latest patch for all software I use + not working as an administrator on my machine / also I use Foxit Reader instead of Acrobat Reader). I have no idea how malware got through. Sometimes it just "happens."
So I got my 40+ websites modified by some bot who inserted iframes into certain pages. The said iframes propagated malware. What I want to stress here is that a legitimate website can be compromised, and even if you believe you are only browsing "safe" websites you may still run into trouble. It's not always the end user's fault that something happens.
Now, I was told last year on this very forum to not store passwords using FileZilla. So now I use this tool called KeePass to store my passwords. It seems to be stronger although I can imagine it is not perfect.
Consider this: I store passwords using Firefox and Thunderbird's password storage systems. Those didn't get stolen by the bot. The master password technique seems to give protection strong enough that malware does not try to attack it. Obviously it could be defeated if malware were to install a keylogger and suchlike on my machine and scan my master password as I type it in, but such a program would be hard to engineer and also much easier to detect than a low-profile worm. Malware makers are competent but they are choosing the easiest path to profit. Right now FileZilla is an easy target. As soon as you manage to get a piece of malware on someone's computer, you can go straight to the FileZilla passwords' file and send it all over the internet. No intensive computation, no convoluted piece of software required. Just a few lines of code and voilà, your passwords are gone and your website starts propagating malware.
Isn't it possible to strengthen FileZilla a little bit, so that it becomes a less easy target?
Please?