Tag: web server
-
Ebury and Mayhem server malware families still active
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised ( Linux ) web servers are the glue in many a malware campaign. Two such networks of compromised servers – about which VB has published papers in the past – have recently received updates. The paper ‘Operation Windigo’ ( pdf ) was…
-
Ebury and Mayhem server malware families still active
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised ( Linux ) web servers are the glue in many a malware campaign. Two such networks of compromised servers – about which VB has published papers in the past – have recently received updates. The paper ‘Operation Windigo’ ( pdf ) was…
-
Paper: Mayhem – a hidden threat for *nix web servers
New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system. One of the main trends in malware in recent years is a sudden focus on malware targeting Linux and Unix (web) servers. By targeting these servers, malware authors not only make user of far…
-
Apache binaries replaced by stealth malcious ones
Malicious servers opening backdoors, performing redirects. Researchers at ESET and Sucuri have discovered a modified Apache binary that is used on hundreds of web servers to perform malicious redirects and open a backdoor to the server, while going to great lengths to hide its activity. Recently, thousands of websites – most prominently that of the…
-
Thousands of websites infected with .htaccess redirect attack
Various anti-detection methods applied. Thousands of legitimate websites have seen .htaccess files compromised and as a consequence have been used to serve the ‘Milisenco’ trojan, researchers at Symantec report. .htaccess is a configuration file used by a number of webservers, including the popular Apache server. It allows for decentralised management of the server and requires…