Re: I’ve got a worm.
Filezilla is pretty good ftp programme, the client can run sftp, the server can not. I use FileZilla as my client, always have.
Pure-ftp seems to be installed on many boxes of the semi configured variety, it is claimed to be a secure FTP server I haven’t used it so can’t comment but others around such as Pro-ftp are known to have holes.
VSFTPD on the other hand is touted as the most secure and endorsed by some very big players such as Redhat, Openbsd, IBM, SANS.
Configured as sftp along with chrooted directories should give a fairly secure environment.
I would still view things pretty cautiously as you haven’t really established the method of exploit and definitely change your ftp access to a sftp one to close that possible avenue of attack down.