In the last few months, we have witnessed a rise in the number of cases of modified Web servers that inject malicious redirections into every website that it hosts. One example was the malicious Apache module (Linux.Chapro and Trojan.Apmod) that we blogged about recently. A newer example is Linux.Cdorked, about which our friends at ESET […]
Last week, our friends at Sucuri sent us a modified version of an Apache webserver redirecting some of its requests to the infamous Blackhole exploit packs. Sucuri has published a blog post on this attack. Our analysis of this malware, dubbed Linux/Cdorked.A, reveals that it is a sophisticated and stealthy backdoor meant to drive traffic […]
On Friday, 21 September 2012, at 10:52:27, the G Data SecurityLabs detected a malicious website containing a partially obfuscated and suspicious looking JavaScript. We suspect that this detected attack is one of the first attempts to use the exploit in a modified version and in a large scale attack, which stands in contrast to the […]
Latest Comments