Apache binaries compromised

The place for what's new and going on in the tech, innovation, and science world.
Post Reply
User avatar
rapier57
I've posted HOW many
Posts: 3131
Joined: Thu Mar 02, 2006 10:43 pm
Are you a Spammer: No
Location: Spokane, WA USA
Contact:

Apache binaries compromised

Post: # 143417Post rapier57
Tue Apr 30, 2013 5:49 pm

Found this on VirusBTN:

http://www.virusbtn.com/news/2013/04_30.xml

If you are running an Apache server, might be a good idea to check your binaries.


Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57

User avatar
SirDice
I've posted HOW many
Posts: 4197
Joined: Mon May 15, 2006 9:59 am
Are you a Spammer: No
Location: Netherlands

Re: Apache binaries compromised

Post: # 143419Post SirDice
Wed May 01, 2013 10:48 am

For now, the question of how the machines are compromised in the first place remains unanswered.
For a minute I was afraid the binaries on the Apache site itself were compromised. Not that I use them, I always build from source (aren't FreeBSD's ports wonderful :) ).
Oliver's Law:
Experience is something you don't get until just after you need it.

User avatar
rapier57
I've posted HOW many
Posts: 3131
Joined: Thu Mar 02, 2006 10:43 pm
Are you a Spammer: No
Location: Spokane, WA USA
Contact:

Re: Apache binaries compromised

Post: # 143428Post rapier57
Wed May 01, 2013 8:53 pm

Well, the title got your attention, eh?

Still, I sometimes wonder if someone got into the libraries and plugged in some stuff and then leveraged it later. Glad I no longer have to manage one of those monsters.
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57

|The|Specialist

Re: Apache binaries compromised

Post: # 143435Post |The|Specialist
Thu May 02, 2013 5:36 am

I broke into a few source forge projects years back. You'd be surprised.

User avatar
DaFoxx
DaBOSS
Posts: 8625
Joined: Sun Dec 25, 2005 1:20 am
Are you a Spammer: No
Location: 3rd Rock from the Sun

Re: Apache binaries compromised

Post: # 143437Post DaFoxx
Thu May 02, 2013 10:13 am

|The|Specialist wrote:I broke into a few source forge projects years back. You'd be surprised.
I don't think we would be TBH :)
and where have you been? not like AO are still in need of us anymore :shock:
so where do you spend your wwweb time now

and welcome home stranger :P
Beware of Geeks bearing GIF's :mrgreen:

User avatar
Egaladeist
I am the Eg man : Coo Coo Ca Choo
Posts: 18889
Joined: Sun Dec 25, 2005 1:02 am
Location: Canada

Re: Apache binaries compromised

Post: # 143443Post Egaladeist
Thu May 02, 2013 12:18 pm

Spec??? Welcome back stranger :mrgreen:

User avatar
rapier57
I've posted HOW many
Posts: 3131
Joined: Thu Mar 02, 2006 10:43 pm
Are you a Spammer: No
Location: Spokane, WA USA
Contact:

Re: Apache binaries compromised

Post: # 143445Post rapier57
Thu May 02, 2013 5:54 pm

Hey, Spec! Long time no poop.

The binaries, it seems are being modified by a Linux worm that is moving around and silently replacing certain binaries and creating backdoors. CDork is blamed.

http://blogs.cisco.com/security/linuxcdorked-faqs/
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57

|The|Specialist

Re: Apache binaries compromised

Post: # 143521Post |The|Specialist
Thu May 09, 2013 6:30 am

so where do you spend your wwweb time now
Im a very maladjusted guy. Cross your fingers then hope for the best. :wink:

User avatar
DaFoxx
DaBOSS
Posts: 8625
Joined: Sun Dec 25, 2005 1:20 am
Are you a Spammer: No
Location: 3rd Rock from the Sun

Re: Apache binaries compromised

Post: # 143522Post DaFoxx
Thu May 09, 2013 1:02 pm

|The|Specialist wrote:
so where do you spend your wwweb time now
Im a very maladjusted guy. Cross your fingers then hope for the best. :wink:

gulps :shock: - sneaks away to update all security, powers down router, waits patiently :hysterical:
Beware of Geeks bearing GIF's :mrgreen:

Post Reply