Gumblar ‘injects malicious links into Google’
Steve Swallow wrote: Google search results could be malicious on systems infected by Gumblar or its offspring Martuz.
The United States Computer Emergency Readiness Team (US-CERT) has warned of a threat which affects a number of areas of a user’s system, including their Google search results.
Gumblar is a “drive-by-download exploit” which injects malicious links into Google search result pages.
As a result, users who click on results provided by Google could find their browser redirected to a page selected by the Gumblar infection.
Meanwhile, some websites’ servers have also become infected by the malware, causing them to infect the systems of visitors who do not have up-to-date software installed.
Outdated versions of Adobe’s products, including Flash and Acrobat, have been linked with a greater vulnerability to the threat.
Infected systems are monitored by Gumblar for any FTP details, US-CERT says, which may then be used to increase the number of infected websites further.
Gumblar can also infect servers with poor configuration settings and poorly secured web applications.
The malware is named for its server of origin, which has been traced to gumblar.cn.
However, a new form of the threat, called Martuz, has now been identified by security companies as the domain martuz.cn has begun to be referenced by some infected systems.
Search Engine Optimisation Specialists
Internet Advertising Service
Christian Web Design