Aren't WinSCP access details secure? I am doing a full virus/malware check but after 8 hours nothing has been found yet. What are the likely culprits for this kind of attack? Could it be a server-side issue? Support changed my access details in the morning but by early evening it had been hijacked again.From our experience with malware of this nature, the user account passwords are compromised though viruses/malware located on your local computer. This malware sniffs out passwords used and stored by FTP programs or e-mail clients.