Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

Gumblar-Hacked Sites Install Google-Targeting Malware

May 15, 2009:

A new round of Web sites hijacks is attempting to install malicious, Google-focused software on unpatched PCs, …cementing the drive-by-download approach as a bad-guy tactic of choice.

The attack, dubbed “Gumblar” by ScanSafe, starts by hijacking legitimate sites and inserting attack code. The more than 1,500 hacked sites, including Tennis.com and Variety.com, don’t represent an especially huge number, but its growing rapidly. Since last week, the attack has grown by 80 percent, according to the company, and has spiked 188 percent since yesterday.

The attack code has largely gone after PDF and Flash flaws discovered in the last year … these particular assaults can be largely neutered by making sure you have the latest versions of the Adobe software.

… The PDF attack approach is more bad news for Adobe, whose programs have become a favorite target of late.

via Gumblar Hacked Sites Install Google-Targeting Malware.  (CIO Magazine)

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s