Malicious Apache module injects Iframes

From Botnets.fr

Malicious Apache module injects Iframes
Botnet
Malware Chapro
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-09-10
Editor/Conference Unmask Parasites
Link http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/ blog.unmaskparasites.com (blog.unmaskparasites.com Archive copy)
Author Denis Sinegubko
Type

Abstract

It’s a follow-up to my post about server-wide iframe injection attack where I asked for any information about that tricky hack. Thanks to my readers and administrators of infected servers I have some new information about it. Now I know how it works and what is infected, but still have no idea how hackers break into servers, so your input is welcome.

Recap

This attack injects invisible malicious iframes into some server responses of all web sites on compromised servers.

Bibtex

 @misc{2012BFR1272,
   editor = {Unmask Parasites},
   author = {Denis Sinegubko},
   title = {Malicious Apache module injects Iframes},
   date = {10},
   month = Sep,
   year = {2012},
   howpublished = {\url{http://blog.unmaskparasites.com/2012/09/10/malicious-apache-module-injects-iframes/}},
 }