You can then reach out to them and make sure they remove the faulty FTP client. If your DNS server is capable of logging blacklist hits, then now is the time to check your logs and see if any of your clients are using this fake Filezilla client.īy using the log option in the Secure64 example configuration above you can see which clients are trying to access the site. If you are using Secure64 you need to add a line like the one below and reload your cache server: But to be safe you should blacklist in your DNS server. Additionally, the FTP server also appears to be down. This domain name currently does not resolve, as the nameservers appear not to respond to DNS queries anymore (interestingly enough they still respond to ping). The domain name that the hacker used to send credentials to is. This is clearly a concern for any network and action must be taken to limit the damage. These credentials are secretly sent to a hacker owned site. ![]() ![]() So even if the software might still work, I will never accept the attitude of the developer. Even if you can 'opt-out' this is clearly designed to fool the users and worst of all the developer is just copy pasting a dishonest reply on FileZilla's forums. ![]() This fake version of Filezilla looks and works as expected but it also harvests login credentials in the background. It was also my first experience of malware with Macs. Recently, a fake version of the popular Filezilla File Transfer Protocol (FTP) client has been made available for download on some sites.
0 Comments
Leave a Reply. |