The huge network of web pages compromised by the Gumblar botnet is now being used to spread malware, according to researchers.
Security firm ScanSafe reported that a number of pages connected to the Gumblar attacks in May had been serving malware to visitors.
The company noted that the attacks were unique in that, rather than infecting the pages to link to a single attack site, each of the compromised servers is hosting the malware on its own.
In addition to the compromised pages, the botnets operators have inserted a script that redirects users to a number of web forums.
"The majority of the compromised sites are small 'mom and pop' style sites in non-English speaking countries, but that's not important because the attackers have a clever trick for driving traffic directly to the malware hosted on those sites," said ScanSafe senior security researcher Mary Landesman in a blog posting.
First appearing in May, the Gumblar attack gained notoriety in the security world for the speed at which the malware spread. The attack not only compromised the target system, but checked for FTP credentials which were then used to target other pages.
RTX 280 Ti will come with 11GB of fast GDDR6 video RAM with a 352-bit memory bus offering 616Gbps
The scale of jobs lost to automation will be at least as large as those in the first three industrial revolutions
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC