NetSarang Xftp 5 Backdoor Trojan (ShadowPad)
Critical Nessus Plugin ID 102709
SynopsisThe remote host contains an application that is affected by a trojan backdoor.
DescriptionThe Xftp 5, an FTP client for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor.
The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker.
SolutionUpgrade to Xshell 5 Build 1326 or later.