Posted on 07/21/2014 6:45:33 AM PDT by Olog-hai
Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches.
Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, discovered the malware targeting *nix servers. They traced transmissions from compromised computers to two command and control (C&C) servers. So far they have found 1,400 machines that have fallen to the code, with potentially thousands more to come. […]
Mayhem spreads by finding servers hosting websites with a remote file inclusion (RFI) vulnerability—it even uses Google’s /humans.txt to test for this. If the ad giant rewrote this file, specifically changing the words “we can shake”, Mayhem infections would be slowed—until its rfiscan.so plugin is updated. …
(Excerpt) Read more at theregister.co.uk ...
Hands down some of the best ads ever.
“The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. “
Sounds straight forward enough.
M4L(inux)
non-compiled script languages are inherently insecure.
that’s why they’re promoted so heavily. we’re all supposed to write scripts instead of writing compiled programs.
most so-called programmers today (script kiddies) are oblivious.
Yes it does
Good time to run a scan
tech ping?
Any input for us Mac users?
Or is this a concern for servers only?
yep , updates ,updates ,updates
Very interesting discussion on slashdot, even for us that don’t know a whole lot (just enough to be dangerous) about web development.
Thanks for the link!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.