{"id":1808,"date":"2009-05-20T10:01:26","date_gmt":"2009-05-20T10:01:26","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=1808"},"modified":"2015-09-09T19:38:04","modified_gmt":"2015-09-09T11:38:04","slug":"google-poisoning-attack-gumblar-still-causing-problems","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2009\/05\/google-poisoning-attack-gumblar-still-causing-problems\/","title":{"rendered":"Google Poisoning Attack Gumblar Still Causing Problems"},"content":{"rendered":"
[ad]<\/p>\n
I thought this would have been stamped out by now, but sadly it’s still going on. With the advent of cheap web hosting and easy to use CMS systems like WordPress<\/a> more and more people are managing their own websites (gone are the days of Geocities).<\/p>\n More people with websites means more FTP details to be stolen, and more websites to be spammed up by malware propagators.<\/p>\n With that sentiment, Gumblar is gaining more traction poisoning Google search results.<\/p>\n A Web attack that poisons Google search results is getting worse, according to security researchers.<\/p>\n The attack first relies on compromising normally legitimate website and planting malicious scripts. US CERT reports that stolen FTP credentials are reckoned to be the main technique in play during this stage of the attack but poor configuration settings and vulnerable web applications might also play a part.<\/p>\n Surfers who visit compromised websites are exposed to attacks that rely on well-known PDF and Flash Player vulnerabilities to plant malware onto Windows PCs.<\/p>\n This malware is designed to redirect Google search results as well as to swipe sensitive information from compromised machines, according to early findings from ongoing analysis.<\/p><\/blockquote>\n