You misunderstand, FTP is not disabled by default on Windows 10, this does not try to Host a FTP server on the infected machine, it accesses a FTP server (which is supported and enabled by default on all Windows versions).Many malware samples used to use FTP, but most of them used Windows native support for FTP (FTP Server or web browser). The native support for FTP is enabled in Enterprises, but rarely in small businesses. That is why I am curious how often are malicious attacks via FTP without such support (Chrome removed FTP support and FTP Server is disabled by default on Windows Home and Pro).
This has been going on for years now, is nothing new.
The security suites pretty much block the FTP link in this test (the ones that passed at least).