Backdoor Targeting Apache Servers Spreads To Nginx, Lighttpd

An anonymous reader writes "Last week's revelation of the existence of Linux/Cdorked.A, a highly advanced and stealthy Apache backdoor used to drive traffic from legitimate compromised sites to malicious websites carrying Blackhole exploit packs, was only the beginning — ESET's continuing investigation has now revealed that the backdoor also infects sites running the nginx and Lighttpd webservers. Researchers have, so far, detected more than 400 webservers infected with the backdoor, and 50 of them are among the world's most popular and visited websites." Here's the researchers' original report.

Re:Why?

[Skapare]

Are you afraid of little infected web site? Something wrong with your browser?

Fix

[Frankie70]

You can download a fix here.

Re:Fix

Yes, indeed. Why suffer from this minor malware when you could have all the best ones infecting you? Lightweights!

screw it

[clam666]

I knew this was a mistake. Secure my ass. I'm going back to Windows.

Re:and this is why....

FreeBSD runs the same software stack, so it would make little difference.

That's why our organization uses a custom server software written in 68K assembly running on MacOS 7.6.1 on a cluster of Quadra 610s.

Re:Why?

[Opportunist]

Find out what they're experts in, become a complete idiot in that field and start pestering them with requests for help.

Keeps my dad away. Though I now have to pay for repairs when my car breaks down.

Re:I have a stupid question.

[Zontar+The+Mindless]

What kind of developer thinks that a web server needs a GUI?

Where else are they going to put the ON and OFF buttons?