Wednesday, January 2, 2013

Unveiling a Malware Attack on the Apache Web Server


Researchers have uncovered a malware attack on the Apache web server after finding malware inside Apache web servers. If you run a blog or website, you should consider checking it for security.

So far, Eset researchers have not seen any new installations of the Linux/Chapro.A malware, after observing thousands of users accessing the Sweet Orange exploit pack before Eset blocked access to the server.
 
Apache is the most widely used web server in the world, serving more than half of the world's sites. But Apache's popularity apparently attracts cyber criminals.

Security and antivirus company Eset recently released a report on the discovery of malware that attacks Apache web server systems. The malware is detected and identified as Linux/Chapro.A.


The main action of Linux/Chapro.A is to inject malware into the web pages that the successfully hacked web server then serves to visitors.


"The attack shows an increase in the complexity of attacks by malware. Cases with such complexity are spread over three countries, with specific targets, making it difficult for law enforcement to investigate and mitigate the impact," said Pierre-Marc Bureau, Security Intelligence Program Manager of Eset, in his statement.


There are two interesting things about Linux/Chapro.A, among them its ability to hide so that it is hard for system administrators to catch, for example by setting cookies on the infected system and then hiding.

Eset researchers first detected Linux/Chapro.A in November 2012, when it was blocked by Eset's generic detection, Advanced Heuristic. At the time the analysis was performed, the host of the C&C server was detected to be in Germany. Not long afterwards it went offline and then disappeared.


According to Eset's analysis, the iframe injected by Linux/Chapro.A points to a 'Sweet Orange' exploit pack page.


"The host of the exploit pack is located in Lithuania. The pack is trying to exploit some vulnerabilities in web browsers and plugins," said Pierre.


"After further investigation, activity spreading Win32/Zbot malware variants, also known as ZeuS, was detected. In recent years, ZeuS malware has been known as a data thief, especially of banking data," he continued.