Slashdot Mirror

← Back to Stories (view on slashdot.org)

Drive-By Download Poisons Google Search Results

Posted by timothy on from the monocultural-imperialism dept.

snydeq writes "A new attack that peppers Google search results with malicious links is spreading quickly, CERT has warned. The attack, which can be found on several thousand legitimate Web sites, exploits flaws in Adobe software to install malware that steals FTP login credentials and hijacks the victim's browser, replacing Google search results with links chosen by the attackers. Known as Gumblar because at one point it used the Gumblar.cn domain, the attack is spreading quickly in part because its creators have been good at obfuscating their attack code and because they are using FTP login credentials to change folder permissions, leaving multiple ways they can get back into the server."

2 of 136 comments (clear)

  1. nice work by Odd_Sam · · Score: 0, Flamebait

    Kudos to the author of this virus. The mindset that is behind such a hack is quite insane. I mean nobody would expect for a google search link to have been hijacked. Before you know it they'll have a way for your facebook to get malware. Anyone who got hit by this attack surly had it coming IMO.

  2. Re:Wouldn't... by elfprince13 · · Score: 0, Flamebait

    OS X's preview is great for viewing PDFs, and there are plenty of Linux programs for doing the same thing. It's only Windows idiots who think they *have* to install Acrobat Reader.