What is Gumblar?
According to the IBM Internet Security Systems website, Gumblar is a botnet that infects traditionally non malicious web servers so as to infect the computers of users who have visited infected websites. Gumblar computer virus attacks PCs through vulnerabilities in some versions of the Adobe's PDF reader and Flash player software.
Google Redirect and Gumblar Virus
Once it infects a PC, the gumblar virus silently redirects the victim's google search results to websites that injects malwares. Reportedly, the gumblar virus targets google users and the updated version is said to have been tweaked to more efficiently infect users of the Google Chrome browser.
Gumblar Detection: Are You Infected?
Detection of the gumblar malware may be done by identifying malicious scripts. Web pages that are infected by the gumblar PC virus have a script that looks like this:
Infected websites have their own modification of the script but these modifications have common parts that can be identified as the gumblar . cn script. Read this post for more information on Gumblar symptoms. You may also want to check your website using this site:
How to Avoid Gumblar
US-CERT has already issued a statement about the Gumblar malware and encourages users to use updated software and antivirus programs.
Gumblar Removal : How to Remove Gumblar
Unmaskparasites.com provides gumblar remove instructions and recommends scanning for spyware using programs such as the malware removal tool Malware Bytes. Remove all the malicious codes that have been installed in the server files (.html, .php, .js, etc.) and change FTP passwords in a clean computer. Read this article for a more detailed instruction.
For more information on Gumblar virus removal and detection, visit these gumblar removal articles and references:
http://blog.scansafe.com/
http://www.iss.net/threats/gumblar.html
http://www.guardian.co.uk/technology/2009/may/22/gumblar-google-malware
http://www.cbsnews.com/stories/2009/05/29/tech/cnettechnews/main5047992.shtml?source=RSSattr=SciTech_5047992
Friday, May 29, 2009
Gumblar Virus: Symptoms and Removal
Subscribe to:
Post Comments (Atom)
4 comments:
Post a Comment