Skip to comments.Manic malware Mayhem spreads through Linux, FreeBSD web servers
Posted on 07/21/2014 6:45:33 AM PDT by Olog-hai
Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches.
Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, discovered the malware targeting *nix servers. They traced transmissions from compromised computers to two command and control (C&C) servers. So far they have found 1,400 machines that have fallen to the code, with potentially thousands more to come. [ ]
Mayhem spreads by finding servers hosting websites with a remote file inclusion (RFI) vulnerabilityit even uses Googles /humans.txt to test for this. If the ad giant rewrote this file, specifically changing the words we can shake, Mayhem infections would be sloweduntil its rfiscan.so plugin is updated.
(Excerpt) Read more at theregister.co.uk ...
Hands down some of the best ads ever.
“The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. “
Sounds straight forward enough.
non-compiled script languages are inherently insecure.
that’s why they’re promoted so heavily. we’re all supposed to write scripts instead of writing compiled programs.
most so-called programmers today (script kiddies) are oblivious.
Yes it does
Good time to run a scan
Any input for us Mac users?
Or is this a concern for servers only?
yep , updates ,updates ,updates
Very interesting discussion on slashdot, even for us that don’t know a whole lot (just enough to be dangerous) about web development.
Thanks for the link!