The drive-by-download threat, Grumblar, continues to cause widespread infection, through the number of Web sites compromised with the malicious code appears to have declined since late May, according to Web security firm Websense. The multi-stage threat, which first compromises Web sites to install malicious code that is then used to infect visitors' PCs, rocketed eight-fold in mid-May, according to an update posted to Websense's research blog on Friday. Attackers use stolen FTP credentials to embed the first stage of the attack on legitimate Web sites. Gary Warner, a professor of digital forensics at the University of Alabama, document an investigation he and his students performed on a compromised Facebook group. The group, which boasted 40,000 members, contained a link to a malicious site that attempted to infect visitors with Grumblar. "Their (site's transfer) logs indicated that the malicious content was uploaded to their server by a visitor from the Ukraine, who had logged in using their webmaster's correct userid and password," wrote Warner. "It wasn't a poorly chosen password, and it wasn't brute forced. They logged in successfully on the first try, indicating that their webmaster probably had a keylogger running on his home computer. In other words, the webmaster's FTP password was known to the criminals." The attacks, dubbed "Grumblar" for the name of the site in China to which visitors were originally redirected, was first detected in March, spiked in mid-May, and has since declined. A malicious PDF file uploaded to victim's systems by Grumblar contains the phrase, "Boris likes horilka," according to Warner's blog. Horilka is the Ukrainian word for vodka. The software steals FTP credentials, sends spam, installs fake antivirus software, hijacks Google search queries, and disables security software.
Labels
- 2010 (1)
- action (1)
- adobe (1)
- Adobe and Apple patch together (1)
- Adobe Photoshop CS5 Extended 12.0 + Serial (1)
- adsense (1)
- Advanced SystemCare PRO v3 (1)
- algorithms (1)
- Anti Trojan Elite (3)
- anti-rootkit (1)
- antispam (5)
- Antivirus (23)
- Apollo 11th The Untold Story (1)
- Apple QuickTime Pro V7.6.6 Build 1671 + License (1)
- Application (42)
- artikel (2)
- Ashlar Vellum Graphite v8.8.1 SP3 (1)
- avast Internet Security 5 (1)
- AVS Video Converter v6.4.3.418 + Crack (1)
- Bayer Aspirin (1)
- BitDefender (1)
- blog (1)
- Chinese Painting Art Wallpapers (1)
- claim (1)
- Classic Love The Ultimate Ballads Album (2009) (1)
- Coming to terms with cyber warfare (1)
- computer (1)
- Credit cards in Vector (1)
- Data Base (1)
- Data shows Grumblar still threatens (1)
- Doctor with AntiVirus v7 (1)
- DOS Prompt (1)
- double driver backup (1)
- Download (130)
- Download Cogniview PDF2XL Enterprise 4.4.24.185 at High Speed (1)
- downloader (3)
- Draw (4)
- Driver (3)
- DVD (1)
- DVD tools (3)
- eBooks (19)
- Enya (1)
- Euro 2008 (1)
- flash decompiler (1)
- Floppy (1)
- font (1)
- free (1)
- Games (10)
- Ghost Windows 7 Final RTM x86/x64 Lite Edition (1)
- Gif Animator (2)
- Google (1)
- Graphic (4)
- Graphics and Design (11)
- Grapict (9)
- Hamrick Vuescan Professional Edition 8.6.29 incl. Patch (1)
- Hide IP Easy 4.2.1.2 (3264 bit) +Portable (1)
- hot news (3)
- Intermezo ( Kesehatan ) (5)
- Internet (6)
- Internet Security (4)
- K-Lite Mega Codec Pack 4.9.0 (1)
- Kaspersky KIS/KAV 2011/2010/2009/2008 Keys-21 DECEMBER (1)
- Legend of The Seeker (1)
- linux (2)
- London Symphony Orchestra - Kashmir (1)
- Love song (2)
- malware (1)
- microsoft (3)
- Microsoft Windows 7 (1)
- Microvideosoft Video Converter Professional v8.2.3.386 (1)
- Mobile (1)
- Movie (14)
- Mp3 (2)
- MPEG AVI DIVX WMV RM to DVD (1)
- MSFT (1)
- Mudbox 2011 Subscription Advantage Pack (1)
- multimedia (29)
- Music (4)
- Music and Sound (84)
- Networking (2)
- news (3)
- office (4)
- office template (1)
- optimizer (2)
- OS (9)
- PC Media (1)
- PC Tools Internet Security 2010 7.0.0.545 + SERIAL (1)
- PCRecovery DriveRestore Professional v3.1.2 (1)
- Peter Billingsley (1)
- photographers (1)
- Photoshop (1)
- Portable (8)
- programer (8)
- rapidshare (1)
- RealPlayer SP 1.1.4 Build 12.0.0.756 + PATCH (1)
- Registry (7)
- Revo Uninstaller Professional v2.2.0.0 (1)
- Rise of Nations (1)
- Scedule (1)
- Scripts (1)
- Season 1 (1)
- Secret Tomb Of Jesus (1)
- Snow Leopard Cache Cleaner 5.0.6 (1)
- Software (224)
- Special (3)
- Spyware (1)
- Sunless - Stars Falling (1)
- System (16)
- System Mechanic (2)
- technorati (1)
- Theme (2)
- Throttle 6.5.3.2010 (1)
- tool (34)
- Tools (40)
- transtool (1)
- Tutorial (22)
- Tutorials (10)
- TV Serial (1)
- Ultimate RnB The Love Collection (2CD) (2009) (1)
- USB (1)
- Valentine (2)
- VCD tools (4)
- Vector (1)
- Video (6)
- Wallpaper and Grapict (14)
- Who Dies First In The Godfather (1)
- Windows (18)
- Windows Sofware (6)
- WinUtilities Professional Edition 9.62 (1)
Blog Archive
-
▼
2009
(37)
-
▼
June
(15)
- Ulead Photo Explorer 8.5 Full
- London Symphony Orchestra - Kashmir: Symphonic Led...
- Call Of Juarez (PC Game)
- K-Lite Mega Codec Pack 4.9.0
- Card Mix
- Sunless - Stars Falling (2009)
- Coming to terms with cyber warfare
- MSFT, Adobe and Apple patch together
- Data shows Grumblar still threatens
- Tips Menghentikan Proses Dari DOS Prompt
- Backup dan Restore Driver Dengan Double Driver
- Mengendalikan Proses Rakus CPU di Linux
- Continuing Broken rsync
- Ternyata Kadang Masih Perlu Image Floppy
- Cogniview PDF2XL Enterprise 4.4.24.185
-
▼
June
(15)
NEWS 24
