The Gumblar virus has caused a huge amount of damage to websites around the world. The virus steals passwords from FTP software such as Dreamweaver and Filezilla to upload a modified version of a webpage which would be used to infect other visitors PCs.
Regular virus scanners such as ClamAV would not pick up the threat as the virus isn’t actually uploaded to our servers. Therefore we’ve had to come up with another way to protect our clients.
With the new protection in place any files that are uploaded via FTP are scanned instantly for various keywords or phrases. If a threat is found a number of things will happen to secure your account –
- The file is moved to a quarantine for an administrator to review
- The IP address of the uploader is blocked at our firewall
- The password on the account is changed
- The FTP connection is killed
- Our administrators are notified so we can perform other security checks on your account.
If we do get notified of a client account being used in this way we will contact you and ask you to scan your PC with an updated virus scanner immediately.
If you have any questions, feel free to let us know.