Malware Version of FileZilla is Stealing Login

FilleZilla is one of the biggest and most trusted programs used to download FTP. But now, users must be weary of a malware version that’s stealing FTP login and sending it to an unauthorized server.  Malformed FTP client versions 3.7.3 and 3.5.3 do all of this behind the firewall, according to antivirus developer Avast Software. This can be scary because these look like the original, are fully functional, and use the same graphical interface and component file names, according to Avast.  There is no suspicious behavior.

This can be a serious issue, but I’m here to help you so that you can stay away from this wicked thing.  Here are a couple differences that Avast has said to look out for.

First off,  look for any skeptical download URLs.  The installer is mostly hosted on hacked websites with fake content. The official version’s Nullsoft installer is v2.45-Unicode, while the fake on uses 2.46.3-Unicode.

Now, here are some things to look for on the file.  Take a look at the size of the file.  The corrupt version is about 6.8 MB smaller than the original version.  It also uses two libraries that the original doesn’t, ibgcc_s_dw2-1.dll and libstdc++-6.dll.  Finally, if you look in the “About FileZilla” section, you will see that it uses older SQLite and GnuTLS verions (shown above).  Any attempt to update this fake version will be unsuccessful.

If you follow these precautions, you should stay safe from anything harmful.  But of course, the best way to avoid this is to download directly from FileZilla instead of a third party website.  This will keep you away from anyone malware versions.  FileZilla also says that another trusted source is SourceForge, which is the official download partner of FileZilla.  If you have any questions, please leave them in the comments below.

Image credit: avast! blog

SmartFile is a business file mangement platform that gives you more control, compliance and security.