# Ongoing malware attack targeting Apache hijacks 20,000 sites



## vpsnewb (Apr 2, 2013)

> Tens of thousands of websites, some operated by _The Los Angeles Times_, Seagate, and other reputable companies, have recently come under the spell of "Darkleech," a mysterious exploitation toolkit that exposes visitors to potent malware attacks.
> 
> The ongoing attacks, estimated to have infected 20,000 websites in the past few weeks alone, are significant because of their success in targeting Apache, by far the Internet's most popular Web server software. Once it takes hold, Darkleech injects invisible code into webpages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites, researchers said. Although the attacks have been active since at least August, no one has been able to positively identify the weakness attackers are using to commandeer the Apache-based machines. Vulnerabilities in Plesk, Cpanel, or other software used to administer websites is one possibility, but researchers aren't ruling out the possibility of password cracking, social engineering, or attacks that exploit unknown bugs in frequently used applications and OSes.
> 
> ...


Read the original article here: http://arstechnica.com/security/2013/04/exclusive-ongoing-malware-attack-targeting-apache-hijacks-20000-sites/


----------



## Mike (May 15, 2013)

I don't understand what hackers get out of this kind of activity...  It's not like they're paid or praised...


----------



## mojeda (May 15, 2013)

Sometimes depending on the hack they may get paid. Also for the thrill of it.


----------



## Enterprisevpssolutions (May 23, 2013)

Depending on that attack and the sites in question it could be anything from stealing personal information to making a political statement. You have to remember they only have a few ways to voice themselves DDOS, malware, phishing, virus, are just some ways that they cause disruption to our world. Don't forget that the governments in other nation including the USA uses hackers to steal information and prevent attacks or cause them for reason unknown to us and depending on how they get caught either a hacker group takes the blame or the blame is pass onto them.


----------



## tallship (May 23, 2013)

Mike said:


> I don't understand what hackers get out of this kind of activity... It's not like they're paid or praised...


Many of those communities actually have awards and trophy programs, so to speak, kinda like if you're a Ham and win a WAS or QRP award for your QSLs.


----------

