Malformed FileZilla FTP client with login stealer

Malformed FileZilla FTP client with login stealer crated by hackers for stealing users Credentials.  The Antivirus firm AVAST spotted a malicious version of the open source FTP – File Transfer Protocol software FileZilla out in the wild.

Malware installer GUI is almost identical to the official version. The only slight difference is version of NullSoft installer where malware uses 2.46.3-Unicode and the official installer uses v2.45-Unicode. All other elements like texts, buttons, icons and images are the same.

Malformed FileZilla FTP client

The installed malware FTP client looks like the official version and it is fully functional! You can’t find any suspicious behavior, entries in the system registry, communication or changes in application GUI.

Comments are closed