News
News spotlights:
Business | Digital audio | Gadgets | Games | Green computing | Home entertainment | Internet & broadband | Laptops | Linux | Macs | PC Peripherals & components | PC security | PCs & laptops | Mobile phones | Digital photography & video | Software | Wi-Fi & networking
News by company:
AMD | Apple | BT | Dell | Google | HP | Intel | Microsoft | Nvidia | Sony
News by product:
Windows XP | Windows Vista | Windows 7 | Apple iPhone | BlackBerry
May 19, 2009
Google results poisoned with malicious links
Security threat found on legitimate websites
A new attack that peppers Google search results with malicious links is spreading quickly, the US Computer Emergence Response Team has warned.
The attack, which has intensified in recent days, can be found on several thousand legitimate websites, according to security experts. It targets known flaws in Adobe's software and uses them to install a malicious program on victims' machines, CERT said.
The program then steals FTP login credentials from victims and uses that information to spread further. It also hijacks the victim's browser, replacing Google search results with links chosen by the attackers.
Security experts started tracking the attack in March, when it had infected several hundred websites, but in recent weeks the number of infected sites has jumped dramatically. The attack has been called Gumblar because at one point it used the Gumblar.cn domain, though on Monday it had switched to a different one.
Security vendor ScanSafe has counted more than 3,000 infected websites, up from around 800 just over a week ago.
That kind of continued growth is unusual, according to Mary Landesman, a senior security researcher with ScanSafe. Attackers have launched many widespread web attacks over the past few years, but after a few months the total number of infected sites usually drops as webmasters clean up their servers.
With Gumblar, more and more sites are now being infected. Landesman believes it's because Gumblar's creators have been good at obfuscating their attack code and making it harder to spot on infected sites. And because they've been stealing FTP login credentials, they've been able to use a few new tricks to get their software onto the sites. "They're doing things like changing folder permissions … and leaving behind multiple ways that they can get back into the server," she said.
Still, web attacks have become so widespread that Gumblar remains a relatively small-scale phenomenon, according to Symantec Security Response Product Manager John Harrison. Last year, Symantec counted 18 million online attacks against its customers. With Gumblar, it has counted 10,000. "It's really just another day with drive-by downloads," he said. "There really are so many of these."
Security experts say that if you're using a fully-patched system with up-to-date security software, you should be protected from these attacks. To date, they've worked by hitting the victim with malicious PDF or Flash files.
See also:
<<newer story | back to index | older story>>
Submit to:
Reddit
Subscribe to PC Advisor now and claim your FREE gift
Recent reviews
- LG Chocolate BL40 review
- Dell Mini 3i review
- Samsung N510 review
- Canon Selphy CP790 review
- Canon Selphy CP790 review
- Alienware OptX AW2210 review
- Microsoft Office 2010 Web Apps review
- Microsoft Office 2010 Web Apps review
- Microsoft Office 2010 Web Apps review
- HP Photosmart A646 review
Latest reader comments
- I have written a comprehensive solution to removing the iKee virus. I have tried it out on my...
- Nothing new here - why persist with these funny little blogs/diaries.
- Steve Ballmer alone is enough to put you off any Windows products.
- @Mike74 Are you a mac guy? lol
- instant messaging sucks and is so informal.
Top news
- Analysis: the two fatal flaws in Google Chrome OS
- 10 technologies we'll miss when they're gone
- 10 technology upgrades that went badly wrong
- How to choose the right version of Windows 7
- In pictures: the Motorola Droid
Latest blog entries
- PC Advisor's winter photo competition
- Why Google Chrome OS is bad for business
- 5 things to love about Office 2010 beta
- 9 things I hate about laptops
- Why I hate Microsoft Office 2010
Sponsored Content
-
Take the internet to new places with the Nokia N800
Communicate how you want to, where you want to with instant messaging, email and internet calling. View movies, browse the internet wirelessly and watch TV on the high-resolution screen and listen through high-quality stereo speakers with headphone jack.
Buy now
Latest technology news:
Sponsored links
-
Visit the NGA Speed Conference
There's only one way to discuss next-generation internet access at high speed Visit the NGA Speed Conference for free video talks on the future of broadband and business. -
Get hands on with the BlackBerry Storm2, and win a BlackBerry smartphone!
Visit PC Advisor's BlackBerry Advisor to use our unique virtual Storm2 smartphone, and for your chance to win a BlackBerry Curve 8520. -
Custom built PCs
Visit our website to see our full range of custom-built PCs. Customise any specification and have the order dispatched the next working day. A massive range of PCs - from £250 to £1,000-plus - and a full list of low-cost components are available.
About PC Advisor | Privacy policy | Media information | Site map | Contact | About IDG
All contents ©IDG 2009 | webmaster@pcadvisor.co.uk
Comments received
rosaleen pooler said on Thursday, 21 May 2009
i have just had a corupt trojan on my compter from a virus called personal virus, i have sky broadband but have mcafee security on my computer and ahve been told i have to pay to get rid and am not pleased about that is their anyway of removing it.
Peter H said on Sunday, 31 May 2009
Rosaleen - who's asking for money to remove a virus?
Surely not McAfee, their VRT is free.
Suzart said on Monday, 01 June 2009
I have the same thing and McAfee want £49.00 to clean it up - Strange the virus got on my system as McAfee was in stalled by dell
Help Please
Dragon said on Monday, 01 June 2009
MacAfee was the 1st antivirus I used. I was never that impressed with it as it could not deal with Trojans. I had to seek out where it was hiding and remove it manually. I then bought Norton. What a nasty bit of bloatware that was. New to PC's I had never heard of Freeware. Thanks to Scott at the Freeware Arena, I tried all sorts of applications for all sorts of problems.
Now I use Avast Free, which updates automatically every 6 hours, and have no problems. I give the PC a sweep with A Squared once a week [again the Free version] . That has to be manually updated but removes worms, trojans and other malware with no problem. Even my FW is Freeware. Why pay when the Freeware is so good?