A computer virus that targets Google users is mutating rapidly, turning it into what some are calling the biggest threat to online security today.
The worm, known as Gumblar, attacks computers through vulnerabilities in some version of Adobe’s PDF reader and Flash player software. Once it infects a victim’s PC, it silently redirects the user’s Google search results to sites that download more malware onto the machine or allow criminals to conduct “phishing” attacks to steal login details for banking, social networking and websites.
Gumblar has begun to spread through websites where passwords or software have previously been compromised, so that visitors to the sites are unwittingly infected without realising it – a so-called “drive-by download exploit”. Infected PDF documents and Flash films on the site attack the victim’s PC.
Although Gumblar has been known about some time, its activity has increased rapidly in recent weeks. The unidentified writers behind the program have changed its mode of attack, so that it draws malicious code from a web page based in China, and have developed new techniques to avoid being spotted.
“The Gumblar attacks have morphed again,” said Mary Landesman, a senior security researcher with ScanSafe. “What we’re really looking at here can only be described as a botnet of compromised websites. And a growing one at that.”
Read the full story on the Guardian website.
cybasurfa 