Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:DARKLEECH3

Description: A higly conditional server-side malware (Darkleech or cdorked) was identified in the server. This is an ongoing campaign and it means the server was compromised with malicous Apache modules or binaries. More details here:

1- New Apache Module Injection
2- Apache Binary Backdoors on Cpanel-based servers
3- Server Compromises – Understanding Apache Module iFrame Injections and Secure Shell Backdoor

Domains involved:

Affecting: Any type of linux-based server.

Latest update: 2013/Jun

Malware dump:


For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb