Careful! Malicious FileZilla FTP Client Circulating Steals FTP Login Credentials
Security outfit Avast says it's noticed an increase presence of malware infested FileZilla FTP clients, most often affecting versions 3.5.3 and 3.7.3 (the latter of which is the most current version). Infected copies come with a malicious algorithm coded in designed to steal and send login details quickly and quietly.
"Login details are sent to attackers from the ongoing FTP connection only once. Malware doesn't search bookmarks or send any other files or saved connections," Avast explains.
Image Source: Avast
The good news is there are ways to tell if your copy is infected. According to Avast, the malware installer GUI is nearly identical to the official version except for one slight difference -- malware infected copies use 2.46.3-Unicode and the official installer uses v2.45-Unicode. Everything else looks the same, Avast says.
Once installed, look at the About section to see if it lists older SQLite/GnuTLS versions. If so, you probably downloaded a malware infected copy.