Viruses/Worms News

Gumblar malware poisoning Google searches, exploiting websites

Friday, May 15, 2009

Attacks from a virus called Gumblar have increased dramatically in the first weeks of May as it spreads rapidly to infect new PCs. Malware uploaded to PCs by the attacks forcibly redirects Google search page results to malicious websites, which perpetuate the virus, security researchers said.

Gumblar exploits bugs in Adobe Flash and PDF to install malware which steals FTP credentials and creates a back door and take control of the infected computer. Once the PC has been hijacked, the malware launches a man-in-the-middle attack to poison Google search results in Internet Explorer, researchers said.

The stolen FTP credentials are used to compromise any websites owned or operated by the victim, according to eWEEK. More victims are infected by encountering a compromised site, which so far totals more than 1,500 sites including Tennis.com, Variety.com and Coldwellbanker.com, eWEEK reported.

Google began delisting the malicious sites appearing in search engine results when the attacks were first spotted in March, but the hackers have responded by using different IP addresses.

Gumblar attacks, named for the domain gumblar.cn involved in the attacks, are sometimes accompanied by malicious iframes that load exploits and malware from domains hosted in Latvia. The gumblar.cn domain has a Moscow IP, researchers said.
ADNFCR-1765-ID-19172334-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now