Quote:
Originally Posted by Silver_2000
Assuming I understand this correctly
That only secures the password in transit - if the users PC is compromised and the passwords are saved then TLS in this case doesnt help
|
Correct! The current exploit attack heavily in the wild right now involves
keylogging, packet capturing, and file analysis from the victim's own
home computer.
Doesn't really matter what you do aside from implementing a one time
keypad on the server side because as long as the user is infected, the
hacking group behind this will know how to login and it does not matter
if you force secure FTP, using only certificates, or anything else.
A lot of people erroneously believe right now that FTP is being hacked
because they don't know what is really going on and making bad assumptions
and then through those same bad assumptions recommending you switch
your FTP software or disable FTP and go to secure FTP or implement some
encryption method which is already by definition compromised already as
long as the end user is still able to login from their home computer.
Best action at the moment for anyone found infected is to suspend their
accounts or change their passwords to prevent the home user from being
able to login themselves until they can disinfect their home computers!