2 Replies - 9024 Views - Last Post: 02 April 2013 - 11:13 AM

#1 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1381
  • View blog
  • Posts: 3,511
  • Joined: 28-November 09

[Link] Apache/NginX Exploit

Posted 02 April 2013 - 10:34 AM

http://arstechnica.c...ks-20000-sites/

Quote

The ongoing attacks, estimated to have infected 20,000 websites in the past few weeks alone, are significant because of their success in targeting Apache, by far the Internet's most popular Web server software. Once it takes hold, Darkleech injects invisible code into webpages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites, researchers said. Although the attacks have been active since at least August, no one has been able to positively identify the weakness attackers are using to commandeer the Apache-based machines. Vulnerabilities in Plesk, Cpanel, or other software used to administer websites is one possibility, but researchers aren't ruling out the possibility of password cracking, social engineering, or attacks that exploit unknown bugs in frequently used applications and OSes.


...and now I'm glad we're not running Apache.

Quote

Since there's not yet consensus among researchers about exactly how Darkleech takes hold of infected systems, it's still unclear exactly how to protect them. And as already noted, disinfecting systems can also prove challenging since backdoor and possibly even rootkit functionality may allow attackers to maintain control of servers even after the malicious modules are uninstalled.


http://malwaremustdi...chs-apache.html

Spoke too soon. Looks like it had some fun for NginX as well.

This post has been edited by Lemur: 02 April 2013 - 11:51 AM


Is This A Good Question/Topic? 0
  • +

Replies To: [Link] Apache/NginX Exploit

#2 Programmist  Icon User is offline

  • CTO
  • member icon

Reputation: 252
  • View blog
  • Posts: 1,833
  • Joined: 02-January 06

Re: [Link] Apache/NginX Exploit

Posted 02 April 2013 - 10:48 AM

What are you using?
Was This Post Helpful? 0
  • +
  • -

#3 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1381
  • View blog
  • Posts: 3,511
  • Joined: 28-November 09

Re: [Link] Apache/NginX Exploit

Posted 02 April 2013 - 11:13 AM

NginX, but I was being cheeky. I'm aware of a few fun bugs there too that I've been mitigating.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1