View Single Post
  #1   (View Single Post)  
Old 8th May 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default Web server backdoor also booby traps lighttpd and NGINX

From http://h-online.com/-1859667


Quote:
The criminals behind Linux/Cdorked,.a web server backdoor, are targeting the lighttpd and NGINX web servers. This is in addition to the already discovered compromised Apache HTTPD servers, according to a blog post by the anti-virus specialists at ESET. Cdorked turns web servers into malware machines, sending a selection of their visitors to malicious pages used by exploit kits like Black Hole.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote