Gumblar Malware Infects Australian Website Nine MSN
Websense, an Internet security company, has claimed that Australia's heavily trafficked website 'NineMSN' has been compromised.
The security monitoring network disclosed that NineMSN had injected a malicious code in a banner house advertisement of the Australian Women's Weekly magazine. It was also found that the malicious code included 12 scripting exploits, and was spread by sexsplash.ru, and hosted on two different domains.
As per the detailed analysis of the malware, Gumblar had hit the website by first penetrating into the secured servers and then downloading malware on those computers which visited the infected site. The security company has categorized Gumblar as the most active botnet in 2009.
Websense further said that the infected web pages were currently inactive, but their power of corrupting computers could not be ruled out. If the attack successfully conducted, it results in the corruption of Google pages when viewed through Internet Explorer.
David Brophy, ANZ Senior Marketing Manager, Websense, said that victims of the attack might come across fake results that took them to fraudulent websites, as reported by securecomputing on February 16, 2010.
Search engine giant Google has restrained the access to NineMSN for its users, giving reason that the site has been blacklisted for suspicious activities three times over the past 90 days.
Annie Baxter, Google Spokesperson, explained that Google had set up several cleaning systems that check the index for dangerous websites and add a label to those websites that seemed to have involved in the spreading of malware on computers visiting them, as reported by securecomputing on February 16, 2010.
NineMSN has defended itself by categorically claiming that it takes the issue of security very seriously. It checks and takes necessary measures to ensure that the website and third party websites associated with it are completely safe for its users.
The news of the attack has become public at a time when online infrastructure in Australia has been hit through various avenues. For instance - a group of individual hackers called "Anonymous" spent part of the second week of February 2010 to attack websites of federal government as part of distributed denial of service attack in protest of proposed government plan to filter Internet.
» SPAMfighter News - 23-02-2010