Japanese Police Detects the Origin of Gumblar Infection

The Metropolitan Police Department (MPD) of Japan has discovered that the viruses behind the disreputable Gumblar attacks made on systems, which interpolate company sites, evolved from servers of five different countries of Europe viz. Luxemburg, France, UK, Netherlands and Germany.

Gumblar attacks, which have been widespread throughout the globe since the spring of 2009, modify the sites of reputed firms and other institutions. The attack takes the users to an alternative website which contains malicious software, further infecting their systems. It can even steal the passwords and other private details.

Department's technologically advanced crime investigators think the stolen IDs and passwords were used to gain access to the websites in several cases which have been registered since mid-December. According to the MPD, the targeted Japanese firms are House Foods Corp, railway operators East Japan Railway Co and Keio Corp, Lawson Inc, convenience store chain, Shin-Etsu Broadcasting Co and Morozoff Ltd, a confectionery maker.

So far, the MPD has proved that websites operated by 13 Japanese firms and organizations have been hit by Gumblar. Further, 259 cases of home page alterations have been substantiated since the time it started its investigation in the year 2009 into alleged cases related to Gumblar.

As per the security experts, the MPD has not been able to find the hackers (who reportedly used the target websites from abroad) by the IP addresses of their systems. This is because the shown IP addresses were set to change in every few seconds.

On examining these IP addresses, the MPD ultimately found that the attacks made by Gumblar were released through almost 31 servers in the above mentioned European countries- 19 servers in France, 6 in the Netherlands, 4 in Germany, and one each in the U.K. and Luxemburg, respectively. Further, the department has also discovered that the domain address of the sites that take visitors to an alternative website ended with ". ru", which means Russia.

Therefore, through the National Police Agency, the MPD will soon inform the officials in the European countries. In an attempt to unearth suspects, the Police of Tokyo are thinking of asking these officials to give details about contracts and server access.

Related article: Japanese Text Editor Reports Flaw

» SPAMfighter News - 4/1/2010