Malicious Apache module injects Iframes
Jump to navigation
Jump to search
(Publication) Google search: [1]
Malicious Apache module injects Iframes | |
---|---|
Botnet | |
Malware | Chapro |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 2012-09-10 |
Editor/Conference | Unmask Parasites |
Link | http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/ blog.unmaskparasites.com (blog.unmaskparasites.com Archive copy) |
Author | Denis Sinegubko |
Type |
Abstract
“ t’s a follow up to my post about server-wide iframe injection attack where I asked for any information about that tricky hack. Thanks to my readers and administrators of infected servers I have some new information about it. Now I know how it works and what is infected, but still have no idea how hackers break into servers, so your input is welcome.
Recap
This attack injects invisible malicious iframes into some server responses of all web sites on compromised servers.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1272, editor = {Unmask Parasites}, author = {Denis Sinegubko}, title = {Malicious Apache module injects Iframes}, date = {10}, month = Sep, year = {2012}, howpublished = {\url{http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/ blog.unmaskparasites.com}}, }