diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Dec212010

Hackers Embed Spam Links into Sites Using Apache Web Servers Exploit

Sucuri.net, a security scanning company recently discovered a new exploit that adds a unique module to many Apache web servers, and when compromised, return spam links.

Here’s how it work?

The hackers use an SSH or CMS exploit to gain root access and then install a small module that watches the web server’s traffic over time. When you visit the site normally you’ll see absolutely nothing amiss, even in the source code.

For e.g., the University of the West’s website returns a regular web page and shows no problems in the source. However, when you do a web search for “uwest.edu and viagra,” you get the infected pages. This indelibly links the potentially popular and trustworthy uwest.edu with the spammer’s URLs.

The groups or individual hackers are fairly diligent. David Dede of Sucuri.net said “I saw some of their scripts and they’ve a list of 20+ vulnerabilities that they try on every site. Once they’re inside, they create shells, backdoors and things like that.”

[Source]

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...