Recently, a Trojan virus coined “Gumblar” has been spreading throughout the Internet. It works by injecting an exploit into the HTML code of a website, and downloads a program which is automatically installed on your computer (and thus infecting it with the virus). The program will then sniff out for FTP passwords that are entered, and log into those FTP accounts to infect your site with the same HTML exploit. Any users who visit your site will also be infected with this same virus, and their FTP passwords captured. Because of this vicious cycle, millions of websites have been infected.
Some of our customers have experienced the problem, and we have been fixing it as quickly as we can. The first thing you must do is scan your own computer to remove the Trojan. Then, you should change your FTP password, and begin to remove the infected code/files. A more comprehensive guide can be found at: http://www.danielansari.com/wordpress/2009/05/automatic-removal-of-gumblarmartuz-trojan/ and general Q&A can be found at: http://blog.scansafe.com/journal/2009/5/14/gumblar-qa.html
Please contact us with any questions.
{ 0 comments… add one now }