Advertisement


Advertisement

Thread Rating:
  • 5 Vote(s) - 2.6 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft Warns of Increase in Gamburl Attacks A JavaScript redirector
Advertisement
#1
Microsoft warned of an increase in web-based attacks related to a family of malicious code referred to as Gamburl, but also Gumblar or Redir. Gamburl is essentially a JavaScript redirector, and in this regard poses a high level of risk to end users because the code is used on legitimate websites that have been compromised by attackers.

Microsoft informed that it had confirmed the existence of legitimate webpages in the wild, modified in order to contain the malicious script. While victims think that they are safe by visiting trusted and familiar online destinations, the addition of Gamburl means that drive-by-attacks could be just “around” the next click.

Elda Dimakiling and Jireh Sanico from the Microsoft Malware Report Center explained that: “When a user visits a site containing a Gamburl script, the browser will be redirected to a specific Web site that contains a slew of exploits and other malware. As of this writing, Gamburl is known to redirect to the following Web sites: gumblar.cn; martuz.cn. Once connected to the above sites, Gamburl tries to download other malware into the system. From what we have observed, these malware are mostly backdoors, PDF and Shockwave exploits.”

At the same time, Microsoft informed that malformed webpages could lead to infections with malicious code from the Win32/Daonol family. Daonol Trojans are used to redirect searches to additional malicious websites. Removal is that more difficult since the malware blocks access to the websites of security companies.

“Daonol is also capable of stealing information, such as FTP credentials, and placing the information in a file in the Windows system folder called sqlsodbc.chm. Note that a file named sqlsodbc.chm exists by default when you install Windows, and so is overwritten if your system has been infected by Daonol. This may be a symptom of Gamburl/Daonol infection,” Dimakiling stated.
Reply
Thanks given by:
Advertisement
Advertisement




Possibly Related Threads…
Thread Author Replies Views Last Post
  General News: Microsoft is bringing Android App support to Windows 10: Report nairrk 0 329 11-30-2020, 06:43 PM
Last Post: nairrk
  General News: Microsoft Edge now the second most popular web browser, says study nairrk 0 212 08-04-2020, 06:29 PM
Last Post: nairrk
  General News: Microsoft Windows 10 May 2019 Update announced; will put you in control of updates nairrk 0 674 04-06-2019, 11:47 AM
Last Post: nairrk
  General News: Microsoft Office 2019 released for Windows and Mac nairrk 0 750 09-25-2018, 12:33 PM
Last Post: nairrk
  General News: Microsoft Teams chat service now comes with a free tier to take on Slack nairrk 0 680 07-13-2018, 01:37 PM
Last Post: nairrk
  General News: Microsoft just teased dark mode for Outlook.com nairrk 0 664 07-06-2018, 07:14 AM
Last Post: nairrk
  General News: Microsoft Edge on Android gets Adblock+ integration & some performance improvements nairrk 1 803 06-26-2018, 10:44 AM
Last Post: nairrk
  General News: Microsoft launches ‘Visual Search’ on its mobile apps including Bing, Microsoft.. nairrk 0 797 06-22-2018, 12:46 PM
Last Post: nairrk
  General News: Microsoft News, the revamped MSN news is rolling out for Windows 10, iOS, Android.. nairrk 0 638 06-21-2018, 11:20 AM
Last Post: nairrk
  General News: Microsoft acquires student video discussion platform Flipgrid nairrk 0 759 06-19-2018, 02:45 PM
Last Post: nairrk

Forum Jump:


Users browsing this thread: 1 Guest(s)
Advertisement