BANGALORE: We don’t want to say we told you so, but only a few days after security experts raised an alarm over a series of rapidly spreading website attacks collectively known as ‘Gumblar’, Karnataka’s very own electricity regulator’s website has been compromised and is now found in the Google blacklist.
The Karnataka Electricity Regulatory Commission’s (KERC) websitewww.
kerc.org, according to Google may harm your computer as it has found suspicious activity on the website.
A diagnosis of the commission’s website says that when Google tried visiting the site, it found suspicious content on the website.
“A part of this site was listed for suspicious activity one time over the past 90 days,” says the diagnostic page.
Of the seven pages tested by Google on the website over the past 90 days, two pages resulted in malicious software being downloaded and installed without the consent of the user.
While the site did not appear to function as an intermediary for the infection of other websites, malicious software including 11 scripting exploits and six Trojans were found on the website and the software is hosted on one domain including gumblar.co, says Google.
Swift action KERC officials said that the service provider has been notified as soon as the attack was noticed. “The service provider is looking into it and the problem will be rectified asap” said officials. Security experts, however, have warned to stay off compromised websites until they are cleaned.
The Chinese web domain (www.
gumblar.cn) associated with Russian and Latvian IP addresses which was used to deliver the malicious code and trigger the attack had a whopping 5878 scripting exploits and 41 trojans when diagnosed by google. It has already infected 15774 websites over the last 90 days.
Gumblar was first detected in March and has spread more and more quickly since then, against the expectations of security experts.
The scripting exploits attempt to exploit vulnerabilities in Adobe’s Acrobat Reader and Flash Player to deliver code that injects malicious search results when a user searches Google on Internet Explorer.