Virtual, boy I agree with you on the dealership. My dealer is always recommending things I don't need, but my isp -- they are specialized for photographers and very sharp guys. And they don't get anything from me being with Sophos. That's why I dug out the email to show you what happened. They say a there was a trojan that would have been prevented by an AV, no?
Where did the Trojan come from? Did I incidentally open something? Did an intern in my office put it in? I have no idea.
But was a lot of havoc...
I agree maybe it will never happen again, but you see the letter. I happened and would not have happened probably if an AV was there at that time, right? And it "could" happen again... maybe... right?
If you were running Windows, then a password-stealing Trojan is a possibility. But I'm not aware of any such Trojans targeting FTP passwords on OS X.
More likely, they just brute-forced your passwords. I have about twenty different Web sites, and I deploy some pretty formidable defenses (including adaptive firewalls and rate limiters), and I get, on average, anywhere between a couple of dozen and a few hundred attempts per day to hack my passwords. These attacks don't know or care who I am or what the Web sites are; they're totally automated.
If your FTP password is a dictionary word or a string of numbers attached to a dictionary word, it's gonna get breached, sooner or later. It's just a question of time. That's why my FTP passwords are long strings of random gibberish, like
,,<hB5%?nmK-~db7&s'llu;-=
(Not an actual password, of course, but that's what my passwords look like.)
