Latest Version Of SSH Client PuTTY Steals Users Credentials

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

PuTTY  developed by Simon Tatham is a free and open source terminal emulator for Windows system used to remote access with Linux/Unix. It is used by system administrators, database managers and web developers.

According to Symantec Researchers, an unofficial version of the open source SSH client PuTTY has been found which may compromise the users privacy.

If the user is connected to other computers or servers through the malicious version of PuTTY, then they could have inadvertently sent sensitive login credentials to the attackers.

Data that is sent through SSH connections may be sensitive and is often considered a gold mine for a malicious actor. Attackers can ultimately use this sensitive information to get the highest level of privileges on a computer or server, (known as “root” access) which can give them complete control over the targeted system.

A Trojanized version of PuTTY is being hosted on websites  from the official domain, and cyber attackers used to redirect users to their own websites.

This Trojanized PuTTY version was first spotted in the wild late 2013, in a limited number of detection

To protect yourself becoming a victim you need to check the source of your download. Make sure you download the files from the official home page from the author or publisher.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

One thought on “Latest Version Of SSH Client PuTTY Steals Users Credentials

  • August 13, 2015 at 7:57 am
    Permalink

    you should provided the official website and download link here…

    Reply

Leave a Reply