Scansafe has issued an alert at their blog where they have figured out some possible security holes that allows hacker to sneak in the server and inserts malicious scripts. For home PC owners it is a matter of caution browsing these sites as it may affect them badly.
Visit the Scansafe Blog here: Mom & Pop Sites Hit Hard by Host Compromise
Here are some quotes from scansafe report:
Quote:
|
The attacks are not compromised sites, but rather what we suspect to be the result of a Loadable Kernel Module (LKM) backdoor, i.e. a rootkit-enabled backdoor planted on the host server. What we don’t know, but hope to discover, is how the backdoor was planted on the host servers.
|
Quote:
But if CPanel wasn’t the entry point, what is?
To help us solve that puzzling question, Dan Goodin at The Register generously wrote about the challenges of this attack, and that article has prompted much useful discussion. It’s also helped foster a great deal of cooperation from some of the impacted hosts and site owners; cooperation that will be key to solving this puzzle. And it’s also led to additional exposure and discussion of the problem here and here. Our hope is that these discussions will lead to finding out exactly what caused the compromise on the host servers and, of course, how to eradicate it.
|