“According to a press release issued earlier this month by
Finjan, a security research firm, compromised Web servers are
infecting thousands of visitors daily with malware that turns their
Windows machines into unwitting bots to do the bidding of an as yet
unidentified criminal organization. Security firms ScanSafe and
SecureWorks have since added their own takes on the situation,
though with varying estimates on the number of sites affected. All
reports thus far say the compromised servers are running Linux and
Apache.“According to an article on ServerTune.com, the exploit involves
a rootkit installed on the compromised server that replaces several
system binaries with infected versions…”
Related Story:
Mass
Host Hack Bigger than First Thought, Hits 10,000 Sites(Jan 22,
2008)