German BSI warns of compromised FTP accounts

The German Federal Office for Information Security (BSI) has sent emails to over 600 German hosting providers that include details of around 200,000 compromised FTP accounts. These are used to place software on the servers which in turn distributes malware to users in drive-by attacks. The BSI speculates that the data got lifted off desktop computers (probably alongside other data) by placing trojans on them.

Heise: http://www.heise.de/security/meldung/BSI-Warnung-200-000-FTP-Passwoerter-gestohlen-2210328.html