Greenguy's Board - View Single Post

cd34 · 2008-03-28, 06:05 PM

That virus is added through an FTP account. What makes this one bad is that they have access to the site, go in and modify precisely the few files needed with no errors or password violations, and, after you change it, in a few days they go back.

Change your password, make sure that every time you give your password to a vendor that you change it afterwards. Or, change it before giving it to a vendor and change it back.

Of the exploits we see, about 80% are through poorly coded php, 15% are through spyware/keyloggers/passwords that are given out to someone that has spyware/keylogger. And every 14-18 months, a certain credit card processor that stores passwords in the clear for all of the FTP accounts that they maintain for clients that run a membership site has all of their passwords stolen.

2008-03-28, 06:05 PM	#16
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	That virus is added through an FTP account. What makes this one bad is that they have access to the site, go in and modify precisely the few files needed with no errors or password violations, and, after you change it, in a few days they go back. Change your password, make sure that every time you give your password to a vendor that you change it afterwards. Or, change it before giving it to a vendor and change it back. Of the exploits we see, about 80% are through poorly coded php, 15% are through spyware/keyloggers/passwords that are given out to someone that has spyware/keylogger. And every 14-18 months, a certain credit card processor that stores passwords in the clear for all of the FTP accounts that they maintain for clients that run a membership site has all of their passwords stolen. __________________ SnapReplay.com a different way to share photos - iPhone & Android