[Cyberduck-trac] [Cyberduck] #9022: Cyberduck 4.7.1 hacked?

Cyberduck trac at trac.cyberduck.io
Mon Sep 21 22:12:06 UTC 2015

#9022: Cyberduck 4.7.1 hacked?
    Reporter:  jeffy61@…  |      Owner:
        Type:  defect     |     Status:  new
    Priority:  highest    |  Milestone:
   Component:  core       |    Version:  4.7.1
    Severity:  critical   |   Keywords:  Hacked
Architecture:             |   Platform:

 I kept getting my web sites hacked, and malicious files uploaded to my
 sites. This has been going on for months. Today my web hosting company and
 I discovered the source of the problem may be CYBERDUCK. Even after we
 changed the passwords (again) today right after I log in with Cyberduck
 "there were legit sign-ins from Nigeria and Malaysia". We suspect
 Cyberduck may be sending the log-in info to a third party. Have you had
 any similar cases? Is there a way we can see if Cyberduck has been
 corrupted? Thanks, Jeff (cc: zac.demars at icloud.com/USNYR Hosting)

Ticket URL: <https://trac.cyberduck.io/ticket/9022>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list