Gumbler Virus Infects Google Search, Deadliest Yet
JSRedir-R accounted for 42 per cent of all malicious infections found on websites in a one week period. The malware, also known as 'Gumblar,' infected a new page every 4.5 seconds. (Source: sophos.com)Infected Redirected via Google Result Pages
Google users are redirected to other sites that download more malware onto the user's computer and can also allow criminals to steal password details. In addition, the malware sniffs FTP credentials (if found), which are then used to compromise any websites owned by the victim.
The malware infects user machines, causing the redirection to occur locally. Once a machine is infected, any site managed by the victim can be targeted. The worm is believed to draw its code from a China-based website.Traditional Detection Methods Ineffective
According to Mary Landesman, senior security researcher at ScanSafe, detection through traditional methods such as signature detection and blacklisting are not effective due to the complexity of the Gumblar compromises. It appears to be more sophisticated than other malware. (Source: siliconrepublic.com)Malware Increased 300% in 2008
According to SiliconRepublic.com, web malware increased 300 per cent throughout 2008, with another 19 per cent increase in the first quarter of 2009.
Web malware presents a very real threat; more information on what to look for and how to protect your website if it gets infected can be found from Sophos Labs.