by Dave Reeder
29. October 2009 21:12
I recently had a Trojan on my PC which caused me a lot of problems!
As well as having to spend hours purging my PC of all processes in the memory, registry entries and .exe files, I discovered another nasty feature of this virus.
It seems it had got into my ftp client (fileZilla) and read all the usernames and passwords and then added these to a hacking script. The script then inserted a malicious iframe (containing the url of a Russian or Polish web site) into a few sites I have built for customers.
It was unable to touch the compiled ASP.NET sites, but it was able to hack a couple of PHP sites and some static HTML based sites.
I don't know the effect this would have on visitors, but as soon as I discovered the problem I took the sites down. In general, these weren't sites I hosted myself, so I go the owners to change their ftp details and re-uploaded the sites using the new details.
However, it seems lots of other people have had this issue and it also seems that ftp details aren't stored securely in an ftp Client so I won't be storing them in my ftp client any more!
I also eagerly await any enhanced security that Windows 7 is offering. I will upgrade and attempt to re-install my BitDefender anti-virus software, however the first time I installed this it completely locked up Windows XP to the extent that I had to use System Restore to roll it back!