Friday, April 5, 2013


It has been reported that about 20,000 websites have been compromised by the darkleech virus. The virus, which has been prominent on the internet this year, uses infected websites to serve malware to their unsuspecting visitors.

The virus has been observed spreading on websites hosted on Apache web servers running Linux.

The virus, which attacks from servers running Apache 2.2.2 and above, injects iframes into the pages visitors load. These in turn redirect visitors to a Blackhole crimeware kit.

It is reported that this affects only users of the Windows operating system (OS). According to internet research firm Netcraft, about 50% of websites on the internet are hosted on Apache servers.


Countries as they're affected. Source: Cisco Web Security

Web security firms have not made much progress in detecting this virus because of its evasion techniques. “The attackers employ a sophisticated array of conditional criteria to avoid detection,” said Mary Landesman, a senior security researcher at Cisco Systems, in her blog post.

The virus doesn’t harass security companies and website hosting firms. It attacks long-time visitors of a site and puts new visitors on the ‘waiting list’.

According to Cisco reports, 58% of the servers being used to launch the module injection attacks were based in the United States, 10% in the United Kingdom, and 9% in Germany.

Hey, darkleech is coming like a swarm of bees; you hide your head, and do it fast.
