Computer Business Review

Security experts warn on mutating Gumblar worm

by CBR Staff Writer| 26 May 2009

A next Conficker in the making

Security experts have flagged the rise of a fast-mutating worm which already is supposedly responsible for up to half of all malware carried on web sites and which could become a bigger threat than the Conflicker virus.

The Gumblar worm targets Google search engine users and attempts to redirect returned search results to malicious sites.

According to anti-virus software supplier Scansafe, the gumblar.cn mal-script appears to be dynamically generated and varies not only from site to site, but also from page to page on the same site.

People who have come across the worm report that compromised web sites risk having their subsequent Google search results replaced with links that point to malicious and fraudulent sites.

Sophos has claimed Gumblar is responsible for at least 40% of all malicious code found on websites, and is mutating as it spreads. The variations of the injected code have reportedly increased, which is an obvious step to evade detection from security solutions. 

Another security software vendor, Websense has said the destination page that Gumblar redirects people to serves up different versions of the malicious content. 

It reckons this could be because the malware authors may have a randomiser built into their server-side code to intentionally serve it randomly each and every time. 

The worm, which has be known as JSRedir-R in some circles, has been around for a while but the speed of its progress in the past week and more is a cause for concern. It is believed to have originated in China and attacks PCs through vulnerabilities in Adobe PDF reader and Flash player.


Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

741 people like this.
0 people follow this.

Intelligence

Suppliers Directory

  • Mimecast

    Mimecast is a rapidly expanding Software as a Service (SAAS) company. We provide an online technology platform that radically improves the way...

  • Red Hat - Leading Provider of Open Source Enterprise IT Products and Services

    Red Hat is at the forefront of open source software development 
for enterprise IT, delivering a broad portfolio of products and services 
for...

  • dynaTrace

    The way applications are built today has fundamentally changed. A new generation of application performance management (APM) is required. dynaTrace...

  • Hitachi Data Systems - Storage Economics

    Storage economics presents a major shift in the way companies assess their storage requirements and investment returns, from one focused on capital...


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.