Filezilla FTP Software

Why choose FileZilla?

FileZilla is free and cross-platform FTP software. It’s your file transfer solution with a FileZilla client and FileZilla server available. This application is used and recommended by us at Dovetail. It is a popular application ranking 9th most downloaded application from the open source site SourceForge.

Where should I go to download FileZilla?

Currently, there are two links known to be safe for downloading FileZilla. Both links have been recommended specifically by FileZilla as safe sources. We have provided the two links below:

Official FileZilla Website

Sourceforge FileZilla Download

What should I look for when making sure the download source is safe?

We have provided screen shots of what the two secure download sites should look like and the URL’s connected with them.

Official FileZilla Website

 

SourceForge

I already have FileZilla; is my version safe?

The FileZilla downloads from the two recommended sites are not at risk. Any downloads from these two sites will be the safe version.

It has been found that the tainted versions of FileZilla are unable to update. When a newer version comes out of FileZilla, it will not be able to update to protect itself from replacement.

What happens if I have the tainted version of FileZilla?

Avast blog has revealed that stolen data would be sent to a location associated with malware and spam activities. The assumption is that the FTP’s will then be used for further spread of malware. Avast says “Attackers also can download whole webpage source code containing database log in, payment system, customer private information etc.”

Will I know if I have the tainted version?

This malware has been absent of any suspicious activity meaning it is possible that users can be using the malformed version of FileZilla for a long time. It has been able to quietly transfer information.

Below we have provided some component details showing the difference between the original version and the tainted versions.

Watching out for Malicious Versions:

The original version components of FileZilla will appear as:


(Photo Credit: Avast Blog)

The two malicious version components will appear as:

The Malicious versions of FileZilla client show slightly different component ID’s

(Photo Credit: Avast Blog)

Malicious versions of FileZilla client use, but are not limited to the following ID’s:

Malicious Installer v3.5.3:
SHA256: 595D954C7CE574337C97A0801E779BC3DCA94FC92AFAE8F483DCDD1A053C5C24

Malicious FileZilla.exe v3.5.3
SHA256: 525E9ED135C1435772A774D7AD7168CECCD225E354118E621482DB61174F6734

Malicious Installer v3.7.3
SHA256: B9A12F9B6827144D84E65EF2BA454D77CB423C5E136F44BC8D3163D93B97F11F

Malicious FileZilla.exe v3.7.3
SHA256: 2451599C03B136C1848F538184F0F266973B65AFC8DD25F272A7E6B0555B657A

What the third party site with potential malicious FileZilla will look like:


(Photo Credit: Avast Blog)


(Photo Credit: Avast Blog)

(Photo Credit: Avast Blog)

For more information on the subject, we have provided the detailed Avast Blog regarding the topic in the link below:

Avast: Malformed FileZilla FTP client with login stealer