Subscribe to RSS News Feed
About Spamhaus  |  Press Office  |  FAQs   
Spam, Malware and FTP cracks

2008-07-25 23:19:00 UTC, by Chris Thompson
Recent News Articles

How has GDPR affected Spam?

Smoke Loader malware improves after Microsoft spoils its Campaign

Fighting abuse at the edge

Spamhaus Botnet Threat Report 2017

PandaZeuS’s Christmas Gift: Change in the Encryption scheme

Did anyone recently notice that the Spamhaus XBL just got really big?

French government provides spam lists

Botnet Controllers in the Cloud


Older News Articles:
Spamhaus News INDEX

There is lots of spam going around with funny subjects like "Mike Tyson to Fight Michael Jackson" or "Afghanistan to be 51st US State", or other equally absurd lines designed to hook unwary recipients into clicking the URL in the spam. Unfortunately, the results of following that link are not at all funny. The victim's computer will be infected with a Trojan horse, it will become part of a spam, malware and DDoS botnet, and all the user's personal data may be compromised. Those malware URLs are the infection path of large-scale attacks by cybercrime gangs to build their botnets.

The malware URLs themselves are hosted on cracked web servers, and those web server IP addresses often end up in SBL. Spamhaus has learned from admins of those systems that the common vector used by the attackers are FTP password cracks. Further, the attacks are not only on weak 'guessed' passwords, but the bad guys are sniffing passwords via other malware installations, so even good, strong passwords are vulnerable. Remember, FTP transmits passwords 'in the clear', not encrypted!

The way for those website owners to protect their systems is to use a protocol which protects their passwords with encryption, either SFTP (SSH File Transfer Protocol) or FTPS (FTP over SSL/TLS). There are many good secure FTP clients available. We can't list them all but two popular, free, open-source clients for several operating systems are available from FileZilla (and a Windows server) and PuTTY PSFTP.

ISPs and hosting companies, please encourage all your customers to switch to secure FTP immediately, including server support on your end. It protects everybody, including your customers and the Internet at large!



Spamhaus Information

Press Office
Spamhaus News Index
Spamhaus in the media
About Spamhaus
Spamhaus Official Statements
Article Information

Permanent link to this news article:
Spam, Malware and FTP cracks
http://www.spamhaus.org/news/article/634/spam-malware-and-ftp-cracks

Subscribe to RSS News Feed
Spamhaus News Quotes

Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
© 1998-2018 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy