WordPress Iframe Injection

Friday, March 14th, 2008 at 3:14 am

Malware Gumblar active again!

ScanSafe researchers see renewed activity Gumblar. That has crashed thousands of websites and blogs like WordPress, Drupal, Joomla and other PHP platforms. Gumblar is a multifunctional spread malware PCs to attack, while visiting the web pages hacked. You can steal FTP (File Transfer Protocol) credentials and hijack searches Google's results replace infected computers with links to other malicious sites. Gumblar malware was first seen in May 2009.

The script backdoor is used to infect legitimate websites have been the cause of the accident for some WordPress blogs and other sites based on PHP. Gumblar infected websites contain an iframe - a way to bring the contents of a website in another. Become invisible iframes by the creators of malware. If the victim visits the site, the iframe will begin a series of exploits hosted on a remote try to hack the machine cards.

Gumblar checks whether the victim's PC running updated versions of Adobe Reader Systems and Acrobat programs. If so, the machine is compromised by the so-called drive-by download. Thus, Gumblar infect visitors with a variety online threats. Users experience error messages when using WordPress and other PHP-based sites that are generated due to a bug in the malicious code Gumblar injected into sites warning the site owners that their site is infected.

Typically, domain names have been used for purposes malware have been suspended for the domain name registrars. Like what happened to gumbler.cn where Gumblar got its name, the time came in May this year. Since domains are blacklisted, malware authors often change their domains of software for instructions. But for some reason gumblar.cn domain was released and is now in use again. The botnet infected computers begin again.

Dennis Sinegubko, independent security researcher, discovered that it was really the fault of Gumblar. The authors made some changes in your web code resulting from the current version of Gumblar damage WordPress blogs and other websites.

According to Landesman, the websites are still infected with Gumblar can now call back to the newly activated rule allowing infected computers to be updated with new malware.

Gumblar is up again! Gumblar has crashed thousands blogs and sites like WordPress, Drupal, Joomla and other PHP based sites. It can attack your computer and steal your personal information. Protect your PC before the attacks Gumblar online and do the damage, contact Techie now . We can provide support services they need PC - Repair of virus and spyware removal, performance tuning, installation and configuration, and in general. Do not worry more Techie Now you can help protect your PC.

About the Author

If you want your PC to be protected, Techie Now is ready to provide you flexible, quick and safe services when it comes to virus and spyware removal, performance optimization, software installation and configuration, and other general repair. Feel free to visit us, www.techienow.com

Folder Permissions, 711 or 755 and Why?

Wordpress

$8.57

No Synopsis Available

Injection

$14.99

Track Listing: 1. Injection, 2. Different Worlds, 3. Incognito, 4. I'm Enough, 5. Obsession, 6. Burned, 7. No Control, 8. Upper Hand, 9. Sympathy, 10. Title End Result