More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, being used to inject malicious content into web pages displayed by compromised web servers, we were understandably concerned. Our concern deepened when we discovered that this malware was being used […]
A few days ago, an interesting piece of Linux malware came up on the Full Disclosure mailing-list. It’s an outstanding sample, not only because it targets 64-bit Linux platforms and uses advanced techniques to hide itself, but primarily because of the unusual functionality of infecting the websites hosted on attacked HTTP server – and therefore […]
For the past three months we have been investigating a Russian attacker serving malware to hundreds of thousands of users per year. The malware is Backdoor.Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may […]
Latest Comments