Attack Poisons Google Search Results

Ralph DeFrangesco

Security experts are tracking an attack that targets Google search results. The attack, named Gumblar, works by targeting a flaw in Adobe's Flash Player to install a malicious program on the victim's computer. The program then steals FTP login credentials and uses them to continue to spread. In addition, it hijacks the victim's browser, replacing Google search results with something else.


Researchers have found the attack to be very clever in that it covers its tracks by doing things like changing folder permissions and leaving behind a back door to re-enter the system at a later time.


My analysis of Gumblar is that it appears not to be a major threat at this time. According to ScanSafe, it has only infected 3,000 sites so far. The attack does seem to have some traction, though. Last week the infected Web site count was only at 800. This is probably due to the attack being new. If your systems are fully patched, there should be no problems. Stay tuned as we follow this attack to see how it progresses.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.