A Web attack that poisons Google search results is getting worse, according to security researchers.
The attack first relies on compromising normally legitimate website and planting malicious scripts. US CERT reports that stolen FTP credentials are reckoned to be the main technique in play during this stage of the attack but poor configuration settings and vulnerable web applications might also play a part.
Full story: http://cyberinsecure.com/gumblar-google-poisoning-attack-picks-up-speed-246-growth-over-last-week/
View full post on Metallica’s blog
Related Posts
- Facebook Scam Alert: ‘Everyone do check what she did on cam’ Spreading
We’re monitoring an on-going Facebook scam campaign that seems to be spreading faster than any campaign we’ve come across before.
What did this girl do on her webcam?
The scam starts with ... - Facebook Scam Spreading: ‘Hey, I just made a photoshop of you, check it out’
We’ve been monitoring a new Facebook scam that is spreading via Facebook Chat messages. This particular scam usually begins with a chat message from a friend like the one below:
Example of the ... - World Record for Disaster Scam Site?
Approximately two hours after an 8.9 earthquake hit northeast Japan we spotted the first potential donation scam site. We’ve seen this before of course, but for a scam site to appear in just two... - Popular Polish government Web site Opole.pl injected with Pharmaceutical links
Web sites don't necessarily have to be injected with malicious code (the kind of code that ends up delivering exploits to the user’s browser). In fact we see a LOT of Web sites that are inje... - ICWAI site infected
After KVGBANK, now ICWAI has also been found to be the victim of an iFrame injection attack. My previous blog post reveals how famous sites from India like UPSC and KVGBANK have been compromised. The... - “Twitter Notifications” spam emails leads to US Drugs web site
MX Lab, http://www.mxlab.eu, started to intercept a spam campaign with the subject “Twitter Notifications”, send from randomly spoofed email addresses, that leads to U.S. Drugs web site.
... - BBC – 6 Music and 1xtra Web site Injected With Malicious iFrame
The BBC - 6 Music Web site has been injected with a malicious iframe, as have areas of the BBC 1Xtra radio station Web site. At the time of writing this blog, the sites are still linking to an i... - Lush customers should check their credit card statements – more websites hacked
Lush, the handmade cosmetics firm, has shut its Australian and New Zealand websites after hackers apparently gained access to online customers' personal data.
In a statement posted on its website it "... - “porn sex free site” spam attack on .edu sites
There seems to be a rather nasty spamrun taking place on many .edu sites hosting forums at the moment. Filtering out lurid trackback spam and genuine .Edu articles about pornography in ... - Site blockers spread with Fusion Media Player
October 14, 2010
Doctor Web warns users of Trojan.HttpBlock programs found in large numbers in the wild. Such Trojans block access to popular web-sites and demand from users to pay a ransom to be abl...
Posted on 03 May 2010. Tags: additions, Check, Site, unwanted
