I operate a website that uses an offline credit card payment facility, hosted by Vodahost, with the site operating via Soholaunch software.
A key module in my shopping cart programme has been repeatedly hacked with an email sub programme - despite changing my cPanel password several times. The hacker could only have done this by gaining access to my FTP (I have Bluevoda and cPanel - same UN and PW).
I have scanned my PC for malware - all clean.
How is my passward being hacked on such a regular basis. I select my passwords with random letters, numbers and other non-alphanumeric characters.
Is sql injection at play here ?
Would appreciate comments from an official source as I am beginning to doubt the security of Vodahosts FTP system.
Regards
AndyP