Home Archive Forum About
'Gumblar' Attacks Spreading Quickly
Posted by Donster on: 2009-05-19 15:47:30 248
By Matthew Broersma @ CNET News

The attackers behind a series of rapidly spreading Web site compromises have begun using a new domain to deliver their malicious code, security experts say.

The attacks, collectively referred to as "Gumblar" by ScanSafe and "Troj/JSRedir-R" by Sophos, grew 188 percent over the course of a week, ScanSafe said late last week. The Gumblar infections accounted for 42 percent of all infections found on Web sites last week, Sophos said.

Over the weekend, the Chinese Web domain used to deliver the malicious code--gumblar.cn--stopped responding, according to Unmask Parasites, a service used to detect malicious code embedded in Web pages. The attacks' malicious payload has, however, continued to be delivered from a different source, the martuz.cn domain, Unmask Parasites said Monday in an advisory.

Read more...
News Source: Email


Post New Comment
Note: Comments have been disabled.
Icon:
                 
                 
Message:
Include my profile signature.
Disable smilies in this post.
Disable block tag code.
Add [url] tag at URLs.


© 2024 COMBATSIM.COM - All Rights Reserved