Mystery Malware Affecting Linux/Apache Web Servers

← Back to Stories (view on slashdot.org)

Mystery Malware Affecting Linux/Apache Web Servers

Posted by Zonk on Thursday January 24, 2008 @07:46AM from the duck-and-cover-like-tommy-the-turtle dept.

lisah writes "Reports are beginning to surface that some Web servers running Linux and Apache are unwittingly infecting thousands of computers, exploiting vulnerabilities in QuickTime, Yahoo! Messenger, and Windows. One way to tell if your machine is infected is if you're unable to create a directory name beginning with a numeral. Since details are still sketchy, the best advice right now is to take proactive steps to secure your servers. 'We asked the Apache Software Foundation if it had any advice on how to detect the rootkit or cleanse a server when it's found. According to Mark Cox of the Apache security team, "Whilst details are thin as to how the attackers gained root access to the compromised servers, we currently have no evidence that this is due to an unfixed vulnerability in the Apache HTTP Server." We sent a similar query to Red Hat, the largest vendor of Linux, but all its security team could tell us was that "At this point in time we have not had access to any affected machines and therefore cannot give guidance on which tools would reliably detect the rootkit."'"

11 of 437 comments (clear)

Min score:

Reason:

Sort:

Funny by robvangelder · 2008-01-24 07:50 · Score: 0, Troll

I think it's funny that Apache is affected by the same drama that affected IIS all those years ago.
We havent really grown up, have we?
LISTEN UP by Anonymous Coward · 2008-01-24 07:53 · Score: -1, Troll

Right you open source cunts, I want this shit fixed fucking pronto. I know you were going to sit down an evening of masturbating to underage anime and eating cheetos, but tough fucking shit - this needs to be fixed.
Wait by Anonymous Coward · 2008-01-24 07:53 · Score: -1, Troll

I was under the understanding that this type of thing does not happen to Linux. This must be a mistake I think the poster meant to say Windows and IIS instead of Linux and Apache.
Ron Paul will fix IT!! by Anonymous Coward · 2008-01-24 07:57 · Score: -1, Troll

HEY YOU APACHE MOTHERFUCKERS!! CALL Ron Paul and will save the FUCKING DAY, BITCHES!!

RON PAUL 2008!!!!
RON PAUL WANTS TO GENOCIDE APACHES by Anonymous Coward · 2008-01-24 07:59 · Score: -1, Troll

He'll use the software, but won't like the name.

RONNIE PAUL 2K8!
Re:Ubuntu as well? by Anonymous Coward · 2008-01-24 08:03 · Score: -1, Troll

No, Ubuntu is GNU. GNU/Linux at best.
Re:Ubuntu as well? by Anonymous Coward · 2008-01-24 08:21 · Score: -1, Troll

Ubuntu is faggotry. So it is infected with AIDS.
Wait a Minute! by SwashbucklingCowboy · 2008-01-24 09:07 · Score: 0, Troll

This is obviously not true. After all, Linux zealots constantly say that Linux isn't vulnerable to malware...
Breaking news--CERT has uncovered mkdir hack by sticks_us · 2008-01-24 09:33 · Score: 0, Troll

1 #include <stdio.h> 2 #include <stdlib.h> 3 extern int mkdir_main(int argc, char **argv) 4 { 5 int i = FALSE; 6 7 argc--; 8 argv++; 9 10 /* Parse any options */ 11 while (argc > 0 && **argv == '-') { 12 if ((*argv[0] >= 48) && (*argv[0] <=57)) 13 { 14 printf("PWN3D N00B!!!111\n\n--Ron Paul 08"); 15 return 1; 16 17 } 18 19 while (i == FALSE && *++(*argv)) { 20 switch (**argv) {

--
"Beware of bugs in the above code; I have only proved it correct, not tried it." -- Donald Knuth
zOMG, THE FOSS!!!11!! by Anonymous Coward · 2008-01-24 09:55 · Score: -1, Troll

Looks like another piece of FOSS which was one pair of eyes too short.

Guess their 2008 claims of being better than Microsoft are going to be just as invalid as their claims from 2007, 2006, 2005, etc.
1. Re:zOMG, THE FOSS!!!11!! by Anonymous Coward · 2008-01-24 11:05 · Score: -1, Troll
  
  "Free" isn't even enough to get me to use FOSS. I wouldn't use that buggy crap unless they paid me a few million dollars.
  
  FOSS isn't software, it's a form of punishment.