[wp-testers] Default.widgets.php Hacked? What to do?

Navjot Singh navjotjsingh at gmail.com
Fri Jul 24 19:37:30 UTC 2009


Better still, I have switched to using SFTP loggins everytime. Atleast
it provides more safety than sending passwords in plain-text.

On Sat, Jul 25, 2009 at 1:02 AM, Kirk M<kmb42vt at gmail.com> wrote:
> I also, as a rule, don't store passwords locally. The single exception to
> this is FileZilla (Windows install) as it seems to give me no choice in the
> matter. And since it sends FTP login data to the server in plain text anyway
> does it really matter as long as your firewall and anti-malware protection
> is fully up to date? This is for local protection only since you can't do a
> damn thing once you hit the "Connect" button in FileZilla and your login
> data is out there for everyone to see.
>
> And for these folks who found their sites had been hacked, what OS were they
> running? If Windows, we're they properly protected (firewall? Anti-malware
> program? Which brand?)
>
> Just thinking out loud there...
>
> Just on the off-chance that this has affected my Windows machine and
> possibly any blogs I administer via FTP (all on the same host) I did a full
> anti-malware scan on my Windows partition and thoroughly checked the sites I
> administer and everything's clean.
>
> One thing I have to wonder about though. On a Windows (desktop) system would
> using Windows "Encrypting File System" (EFS) to encrypt the FileZilla
> (settings) folder and it's .xml files help prevent this type of thing from
> happening locally?
>
> On 7/24/2009 10:09 AM, Jennifer Hodgdon wrote:
>>
>> Doesn't anyone besides me think it is a poor security practice to store
>> FTP credentials on their PC at all? I realize it is a bit inconvenient
>> at times to have to remember passwords, but if your FTP software is
>> storing credentials in an unencrypted file, I think it is a HUGE
>> security risk to let it store your FTP passwords. This also goes for
>> your browser storing login passwords for your sites.
>>
>> --Jennifer
>>
>> Chris Jean wrote:
>>>
>>> I did a lot of reading on this subject to ensure that I knew the full
>>> scope of it. It's quite clear to me that the stolen FTP credentials are
>>> definitely the cause of this specific issue:
>>>
>>> * Malicious “Income” IFrames from .CN Domains http://bit.ly/NgWFA
>>> * Hidden CN Iframes Are Still Prevalent http://bit.ly/12uY53
>>>
>>> That said, you are quite right that getting a virus on your local
>>> machine isn't the only problem. It is very important for WordPress users
>>> to be aware that their site can be compromised by poor security
>>> practices on or off their server.
>>
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>


More information about the wp-testers mailing list