Quote:
Originally Posted by eukSam
Its not the Filezilla only. The FTP protocol itself transmits plain password. FTP, though efficient for transferring files, lacks any significant security features. The username, password, and file(s) are sent across the network unencrypted (i.e., in plaintext).
|
I was talking about the storage method of passwords on your local machine and not actual protocol itself (which I also mentioned).
A quick search of Filezilla password recovery, will show plenty of tools that simply extract that data.
Though as I said, the scope of these attacks, suggests a network sniffing trojan, that extracts the passwords.