Experts: Gumblar attack is alive, worse than Conficker

Updated May 29 at 11:25 a.m. PDT with more details, quotes throughout.

Gumblar, a new attack that compromises Web sites, has added new domain names that are downloading malware onto unsuspecting computers, stealing FTP credentials to compromise more sites, and tampering with Web traffic, a security firm said on Thursday.

The Gumblar attack started in March with Web sites being compromised and attack code hidden on them. The malware downloaded onto those sites came from the gumblar.cn domain, a Chinese domain associated with Russian and Latvian IP addresses that were delivering code from... http://news.cnet.com/8301-1009_3-10251779-83.html?tag=nl.e757