Have you had any issues with the Gumblar “attacks”?
Here is a article that about the Gumblar Attack that is effecting Linux Servers, specific FTP in spreading this virus/worm.
Here is what one host is sending out to all their Linux customers:
On Monday, we alerted you about hosting packages on our Linux Hosting environment being affected by Gumblar attacks. Over the past few days, we have been investigating these attacks, and working on methods to mitigate damage caused by them; this mail contains our findings and recommendations.
- Through our investigations, it was confirmed that the infection was not due to any server vulnerability. We enforce stringent security measures to safeguard your data.
- The attack is perpetrated through stolen FTP login credentials. It transmits FTP information to an IP address from an infected machine.
- This FTP information is then used to log on to the web server and infect the hosted website.
- The attack is not limited to ResellerClub's hosting services - so far, thousands of websites across a large number of hosting providers have been infected through this attack.
- We recommend you install an antivirus program with the latest updates and ensure removal of any malware, trojans or key loggers on any machine that you use to manage your website's content via FTP.
- Several free antivirus software like [I]AVG, AntiVir, Malwarebytes[/I] are available for this purpose. Regular virus scans will minimize such threats to a great extent.
- Once you are confident that you have a clean machine then you should change all FTP passwords.
- All websites that were determined to be infected have now been cleared. [LIST]
- If you find any discrepancy with the content of your website, please inform our support team immediately.
- You need to login to your control panel and set new passwords for all FTP users.
- It is advisable that you set complex passwords and regularly update them for added security.
- This knowledge base article contains instructions on how to reset your FTP passwords
- This KnowledgeBase article contains more information about SFTP as well as a list of common SFTP clients -
- This knowledge base article contains a guide to net2FTP -