There are computer viruses spreading via the internet all the time, which once affecting a computer, is able to use exploits with a combination of several programs to gain access to your FTP usernames and passwords.
Please see the Gumblar virus as an example of such a dangerous virus: http://en.wikipedia.org/wiki/Gumblar
Are you vulnerable?
Any computer running insecure or outdated software is vulnerable to hacking. Personal computers running the Windows OS are more prone to attacks as they are a mass target for malicious scripts as they are more widely used, however Apple OS also has vulnerabilities. Keeping the software running on your computer up to date and regularly changing your passwords are the best precautions you can take.
What should you do if your hosting account was compromised?
You should make sure your personal computer is up to date for all software and specifically including:
- Adobe Acrobat Reader
- Adobe Flash Player
- Adobe Shockwave
- Any FTP Program including Filezilla FTP and WS_FTP
If your hosting account was compromised then you should check with the vendors of the software you're running on your computer to see if security patches or any other important updates are available.
It is also very possible that your software on your computer has been updated already and the attempted hack was possible because some time in the past your personal computer had a combination of software that was not secure. At that time, the method the hackers used, probably found your FTP username and password from your files and send it from your personal computer out to a repository they set up for future use.
One of the more commonly used exploitable programs is Adobe's Acrobat Reader. Adobe has released security advisories on their website, including information on how to update the version you are running to the latest stable and secure release. You can reach Adobe's Security bulletins and advisories webpage via the following link: http://www.adobe.com/support/security/
In the case of an attack on your hosting account, you should immediately reset any ftp passwords to a secure password that is at least seven characters long, and uses a combination of letters, numbers, and special characters. We also recommend that you change your cpanel password.
If you would like us to do this for you, then please email firstname.lastname@example.org
Are the 123 Marbella servers secure?
Yes, our web servers are secure and we use various methods of intrusion prevention and encryption to limit the risk of attack to your data, however anyone with your username and password is able to access your account with little effort. If your personal computer has been compromised, your hosting account can also become vulnerable as well if your FTP username and password were acquired.
We do make daily, weekly and monthly backups of all data stored on our servers, so in the case of a compromise, we do have the facility to restore your data to a previous version.