295901Re: Temporarily block domain.tld from sending?
- Oct 10, 2013On 10/8/13 5:15 PM, lists@... wrote:
> I'm still perplexed with access: the user claims no one else had ftpThere are several Windows PC viruses, including the common "Gumblar"
> password, ftp password was a random 8-char alpha/numeric string,
> can there be any other reason that leaked password...?
family, that steal saved FTP passwords from files on the computer.
They simply have a list of file locations where various FTP clients such
as FileZilla and Dreamweaver store saved passwords. They scan all these
locations and send any results back to a central server.
Some of these viruses also incorporate network sniffing to detect FTP
So even if the password was random and used only on a single computer,
it may have been obtained by evildoers if the user checked a "remember
this password" option or ever connected to a non-TLS FTP server. The
user should scan any computer that ever used this password for viruses.
Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
- << Previous post in topic Next post in topic >>