Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole

Last week, our friends at Sucuri sent us a modified version of an Apache webserver redirecting some of its requests to the infamous Blackhole exploit packs. Sucuri has published a blog post on this attack. Our analysis of this malware, dubbed Linux/Cdorked.A, reveals that it is a sophisticated and stealthy backdoor meant to drive traffic … More Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole