The File Transfer Protocol (FTP) has attracted renewed interest lately, but not in a good way: The bad guys are now using the ‘70s disco-era file transfer technology to serve up bot malware, and even as a backdoor into some enterprises that neglect to lock down their FTP servers.
Researchers at F-Secure have spotted a new wave of exploits that use FTP — rather than a malicious URL, or the conspicuous email attachment — to deliver their malware payloads. “As SMTP and HTTP are much better filtered for malware, FTP might be the best transport protocol for a virus writer,” says Mikko Hypponen, chief research officer for F-Secure. “We’ve just started to observe this phenomenon — it’s not widespread yet, but likely to increase.” FTP Hacking on the Rise - Desktop Security News Analysis - Dark Reading
From around the Web
- Users not patching third party apps
- Mozilla patches 12 Firefox bugs, a third of them critical
- IE 7 and 8 Default Security Leaves Intranets At Risk
- Microsoft ships fixes for Excel, WordPad malware attacks
- 15 Firefox addons for Web developers
- Windows 7 will nag users 29% less often, Microsoft claims
- Vista7 more secure than Linux and Mac OS X
- Conficker self updates, launches false infection alert
- SSH server attacks resurface
- Hacking Tools & Techniques and How to Protect Your Network from Them
- Microsoft Black Tuesday: Microsoft finally fixes Excel zero day, plus more
- Conficker self updates, launches false infection alert
- Conficker reprogrammed for new attack run
- Rogue security software a rising threat
- Further Windows 7 features revealed