Code errors will give us a clue of attacked sites...

Hi malware fighters,

Google is our best friend (it is a pity it also is a friend of our adversary - the malcreant)
Looking for a gumblar attack code error can give an insight into attacks (unfortunately despite of the code flaw the attack still will work) - give in the search-query: “ase64_decode()” has been disabled for security reasons" and/or “public_html/images/image.php”
Re: http://blog.unmaskparasites.com/2009/11/04/gumblar-breaks-wordpress-blogs-and-other-complex-php-sites/

As of Nov 6 2009, gumblar.cn no longer has an A record. Looks like they lost their DNS hosting, but the nameservers still exist: http://www.robtex.com/dns/gumblar.cn.html
Analysis by Sophos:
http://www.sophos.com/blogs/sophoslabs/?p=7342
and
http://dannedelko.com/wordpress/wordpress-exploit-gumblar-cn.html

polonus

(emphasis mine)

(emphasis mine again)

Does anybody else see the irony here? ::slight_smile:
Mod?

Don’t respond to spam (true in forums as it is in emails), just use the report to moderator link if you consider it spam.

Hi DavidR,

This was not spam. I made this remark and it is no irony either. Google is a two-sided sword actually, it can be tool in the hands of the malware fighter and malware eliminator as well in the hands of the adversary - the malcreant. He can use Google for instance to see the effectfulness of a certain website hack and the creativeness of his co-malcreants. I added this because it gives a lot of stuff to ponder over,

polonus

You missed the spam post that has been removed, the modified quotes of the post are in computerfreaker response and it was computerfreaker post that I was responding ;D