(Page 2 of 2)
"The Apache server software is apparently being used to facilitate drive-by malware attacks. The attack is very dynamic, randomly serving malicious links to select users, but not others," Henry said. "The inconsistency is making it very difficult for the security community to detect, let alone resolve."
Henry called it an "incredibly stealthy piece of malware" and said despite the fact that attacks date all the way back to August, there is still no concrete information about mitigation. He expects to hear a lot more about Darkleech over the next few months and warns to look out for attacks.
"I'm also hearing a lot about DDoS again this month, thanks to the attack on Spamhaus, the largest attack in history, which is being credited with attempting to 'break the Internet'," Henry said. "Though cyber security attacks are occasionally blown out of proportion, in this case that's exactly what the attack tried to do. It used misconfigured DNS servers to generate and amplify traffic for the attack."