Read more below…
Attacks by new types of computer viruses similar to Gumblar have recently come to light, with about 400 private firms' Web sites altered since late December, according to a survey conducted by a computer security firm.
In the attacks by Gumblar and its variants, people who visit infected Web sites are redirected to other sites that then install malware onto their computers, resulting in private information such as passwords and IDs being stolen.
While the purpose behind such attacks has been unclear, attackers using the new Gumblar-type viruses have a clearer criminal intent, as such viruses are capable of stealing credit card numbers - something that older versions of the Gumblar variants could not do.
The Web sites of Tokyo's Mizuhomachi town government and Hokkaido prefectural government have been affected by Gumblar or its variants. The Mizuhomachi town government Web site was altered on different occasions between Oct. 12 and 30, and the personal computers of about 8,000 people who visited the site could potentially have been infected with the virus.
For the Hokkaido prefectural government, eight government-related Web sites, such as that of the Hokkaido Lifelong Learning Promotion Center, were altered on different occasions between Dec. 11 and Jan. 5. During this period, a total of about 1,800 people reportedly visited these infected Web sites.
Due to fears that the personal information of residents and other people could be stolen via infected Web sites, the Internal Affairs and Communications Ministry is calling for local governments across the nation to introduce a Gumblar-detection system developed by the Local Authorities Systems Development Center, which is under the ministry's control.
Meanwhile, it also has been learned that other Web sites might have been infected with Gumblar or its variants, including those belonging to Tokyo University's Graduate School of Education and Faculty of Education; the Organization for Small and Medium Enterprises and Regional Innovation, Japan; Sapporo's parks and greenery association; and the Sendai International Relations Association.
"In addition to private firms' Web sites, Gumblar and its variants are now affecting other sites," an official at G Data Software K.K. said. "Attackers apparently target Web sites by using autopilot and other software."
Gumblar and its variants started circulating around the globe last spring. Though the attacks seem to have gone into respite, they flared up again around October. At that time, visitors to infected Web sites were redirected to other sites, where their personal information such as IDs and passwords could be stolen.
However, no actual damage was reported at that time, and the attacks tailed off again in mid-December.
Around that time, however, a third wave of attacks started. In these latest attacks, visitors to infected Web sites are redirected to illicit Web sites where the users inadvertently install bogus antivirus software that is capable of stealing credit card numbers. These Web sites also can make visitors' computers send spam e-mails.
According to a survey by Kaspersky Labs Japan, a Tokyo branch of a Moscow-based computer security firm, similar kinds of attacks have occurred on more than 380 Web sites in the country since Dec. 24.
"In the previous attacks, the intention of attackers was unclear. But in the latest attacks, there's clearly a financial motive," Suguru Ishimaru, an analyst at the company said.
"An increasing number of computers may have been remotely operated by third parties without the computer owners even noticing. Individual users should take protective measures, such as updating their (antivirus) software," Ishimaru added.
Source: http://www.philly.com/philly/business/technology/020810_malicious_virus_attacks_rise.html
