Gumblar, a malware targeting IE users
Scansafe, the largest global provider of Web Security-as-a-Service, reported that a stealthy malware called Gumblar targets users of Internet Explorer and forcibly redirects Google search page results to compromised pages. It also steals FTP details of victims and creates a backdoor on the system. It is named for the domain gumblar.cn involved in the attacks.“The stolen FTP credentials are then used to further compromise any Websites owned or operated by the victim,” Mary Landesman, senior security researcher at ScanSafe, told eWEEK. “As a result, there is exponential growth of these compromises—as more victims are infected by encountering a compromised site, the number of compromised sites also increases and thus more visitors are exposed.”
Landesman told SCMagazineUS.com, “Gumblar attacks have jumped nearly 188 percent over the first week of May.” The report also says that more than 1,500 Websites including Tennis.com, Variety.com and Coldwellbanker.com have been attacked in the first week of May.
The goal of the malware is to siphon dollars from Google’s highly profitable advertising franchises, by replacing links in the Google’s search results page with those of the attacker’s choice.
The attacker has made exploit code unique for every website, so it has become hard to identify a compromised site until it is surfed. Actually, the malware embeds malicious Javascript deep into a website’s source code that exploits the bug in a visitor’s Adobe Flash and Reader programs and makes the victim join a botnet that manipulates their Google search results. So users are advised to make sure their patches from Adobe Systems are up-to-date.
A Google spokesman told SCMagazineUS.com that some compromised sites associated with this exploit may include a warning, saying “this site may harm your computer” associated with their search results listing.
Leave a Reply
Categories
- Agriya Events (6)
- Agriya Ideas (3)
- Agriya News (102)
- Anova (11)
- Burrow (5)
- BuySell (3)
- Channel (6)
- Client Interviews (1)
- Computer Security (7)
- Crowdsourcing (1)
- Developers (2)
- Extensions (1)
- Feedy (1)
- FP Platform (9)
- GroupDeal (9)
- GroupWithUs (1)
- Holidays (1)
- internet (16)
- Internet News (57)
- iSocial (8)
- latest technology (21)
- Life @ Agriya (1)
- online marketing (15)
- PartyPlanet (1)
- search engines (8)
- SEO Game (18)
- SF Platform (1)
- Social Media News (17)
- social networking (43)
- Volume (3)
- Web 2.0 (8)
- web design (6)
- Webmaster Articles (113)
Archives
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
Page optimized by WP Minify WordPress Plugin