Welcome to WebmasterWorld Guest from 54.196.175.173

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Report: Darkleech Malware On Apache Web Server Compromised 40,000 Web Addresses

     

engine

1:44 pm on Jul 4, 2013 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



A campaign that forces sites running the Apache Web server to install highly malicious software on visitor's PCs has compromised more than 40,000 Web addresses in the past nine months, 15,000 of them in the month of May alone.

The figures, published Tuesday by researchers from antivirus provider Eset, are the latest indication that an attack on websites running the Internet's most popular Web server continues to build steam. Known as Darkleech, the rogue Apache module gets installed on compromised servers and turns legitimate websites into online mine fields that expose unsuspecting visitors to a host of dangerous exploits. More than 40,000 domains and website IPs have been commandeered since October, 15,000 of which were active at the same time in May, 2013 alone. In just the last week, Eset has detected at least 270 different websites exposing users to attacks.Report: Darkleech Malware On Apache Web Server Compromised 40,000 Web Addresses [arstechnica.com]
Darkleech, which also goes by the name Linux/Charpoy, is able to tailor exploits to the geographic region of the infected victim as well. Ransomware that infects US-based visitors, for instance, purports to come from the FBI, while ransomware hitting people in other countries is adapted accordingly.

not2easy

8:47 pm on Jul 4, 2013 (gmt 0)

WebmasterWorld Administrator 5+ Year Member Top Contributors Of The Month



Scary stuff, nothing the site owners could do to prevent it or even be aware of its existence.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month