Biscom Delivery Server Blog

I talked to Kelly Jackson Higgins from Dark Reading for an article she was working on. She’s been covering IT for a number of years, and her latest article discusses one aspect of a growing threat — the dangers of malicious software capturing FTP credentials and using them to hack into legitimate web sites. Because FTP is prevalent for updating web sites, having the credentials gives hackers the opportunity to inject their own code into web pages unbeknownst to the site owner. These infected pages may redirect a visitor in a phishing scam, collect user credentials on login pages, or spread the malware or bot to increase the scope of infection. There are a number of other vulnerabilities in FTP that makes it hard to justify as a viable file transfer solution, and this is just one more nail in the FTP coffin.