Gumblar 'botnet' continues to grow as new variants detected

By

The Gumblar attack is continuing to hit websites with new variants detected in Japan.

Mary Landesman, senior security researcher at ScanSafe, said she had received correspondence claiming that the research on Gumblar ‘sounded very much like the GENO reports that had also been circulating in Japan. And as it turns out, indeed they were the same.'


“ScanSafe termed the compromises 'Gumblar' because that was the name of the second stage malware domain used. Security folks in Japan termed the compromises GENO because one of the more high profile victims of the compromises in Japan apparently was a site named GENO. Unfortunately for our friends in Japan, it appears these Gumblar/GENO compromises are causing just as much headache there,” said Landesman.


ScanSafe also claimed that the infection has created a growing botnet of compromised websites, as even with a dip in traffic over the weekend, the amount of compromised websites grew by a further ten per cent since last Friday. This is up by a total of 246 per cent from when it first began tracking the increase just over a week ago.


The exploit has also reached the attention of US-CERT, which encouraged users and administrators to apply software updates in a timely manner and use up-to-date anti-virus software to help mitigate the risks.

See original article on scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

VicRoads to phase out passwords in favour of passkeys

VicRoads to phase out passwords in favour of passkeys

Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul

Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

Log In

  |  Forgot your password?