Mystery infestation strikes Linux/Apache Web sites
Posted by: Anonymous
on January 24, 2008 11:11 PM
You know, if the got a few servers, and infected Windows hosts using them, there is a chance that one of the things running on the Windows clients is a keylogger, and that let them get some more, and so so. If you get root to a large number of machines at a large hosting company, then you could parlay that into more root passwords, that loading to more root passwords, etc. If they were smart, this has been going for a long time, and just flying under the radar until now.