Saturday, June 6, 2009

Gumblar Targets IE Users and Google Search, Resulting in Private Data Theft

More than 1,500 Web Sites have been Attacked.

Severity: High Risk

What is it?
Gumblar is currently targeting users of IE and Google search, delivering malware through compromised sites that infect a user's PC and subsequently intercepts traffic between the user and the visited sites. This means that once infected, anything the victim types could be monitored and used to commit identity theft, such as stealing credit card numbers, passwords or other sensitive data. Visitors encountering the compromised website also risk having their subsequent search results replaced with links that point to other malicious websites. The malware can also steal FTP credentials from the victim's computer and use them to infect more sites, thus increasing the spread of this threat.

Who is at risk?
Users of Internet Explorer and Google's search engine.

How do I protect myself?
If you are running ZoneAlarm® ForceField™ browser security technology you are already protected. If you are running ZoneAlarm Extreme Security, you must turn ON ForceField virtualization (Open ZoneAlarm Extreme and go to 'browser security', 'settings', 'advanced' and click 'enable virtualization').

If you are running the ZoneAlarm free firewall, you could be at risk, since it does not include virtualization technology which protects from these types of stealth Web browser attacks.


No comments: