Thousands of websites around the world may be unwittingly serving malware to visitors because they've been infected with a mysterious toolkit known as Darkleech. If your website is one of them, this could be very bad for your reputation. If visitors are getting their computers compromised when they visit your site, they won't be coming back in a hurry.
Ignorance of the problem is no excuse. It's the responsibility of every website owner to keep their servers safe from malware and if you're not paying attention to your own security, it could cost you hugely.
The Darkleech program has been brought to light by news and information service Ars Technica. An investigation by the publication estimates up to 20,000 websites have become infected with the code in the past few weeks alone.
And it's not just smaller sites that may have lax security that are being targeted. The site claimed compromised servers include those belonging to reputable companies such as the Los Angeles Times and storage equipment maker Seagate.
It was explained that once it takes hold, Darkleech injects invisible code into web pages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites.
The attack is significant as it appears to be deliberately targeting firms using Apache web server software. Over half the world's websites use this solution, so the potential for the problem to become even more widespread is clear.
It was observed the malware's strategy bears many resemblances to a 2008 attack that also infected tens of thousands of web servers to expose visitors' computers to malware sites. However, the true scale of the current problem is difficult to determine as the server malware is designed to hide itself, while it is also very tricky to get rid of.
Ars Technica said: "Disinfecting systems can prove challenging since backdoor and possibly even rootkit functionality may allow attackers to maintain control of servers even after the malicious modules are uninstalled."
GHOST, a critical Linux security is revealed
A critical vulnerability has been found ...
How Can I Deal With DDoS Without a Hardware Firewall?
A Distributed Denial of Service (DDoS) a...
Major Vulnerability discovered in Bash
As you may have already heard, Bash (the...
Fix network holes to keep your data center secure
One of the most important operations tha...
More websites under threat from DDoS attacks
Many websites may have to strengthen the...
World Hosting Days 2016
As you may know the World Hosting Days 2...
Scheduled network maintenance on February the 25th, 2016
Dear client, On February the 25th b...
New critical GLibc vulnerability discovered
Googles online security research team ha...
How to use our Auto renewal service in SnelPanel
Remembering when your server needs to be...
Scheduled network maintenance on February the 4th, 2016
Dear client, Our next step in final...
Other providers require extra money for bandwidth you may not even need. SnelServer.com differs from other providers by providing bandwidth pooling across all your servers at no extra cost. If your other servers have plenty of bandwidth left, we allow you to pool the bandwidth to another server that requires more. This enables you to save money and you can use your dedicated server more efficiently.
High availability of servers are extremely important to our customers, thus we take uptime seriously. We offer 99,9% uptime on all our dedicated servers and third party monitoring to prove it. Moreover, we have a completely redundant network and we can execute network maintenance without any packet loss on your end.
SnelServer.com stands out in delivering flexibility, simplicity and convenience. All our dedicated servers come with many free features, such as dedicated KVM over IP. This feature provides technical freedom, because it enables you to control your server independently. Moreover, the unique and robust features of a dedicated KVM over IP allow you to control your server remotely 24/7 at BIOS level. With this free feature we provide more flexibility and usability on our dedicated servers.
IPv4 addresses are running out very quickly and preparing for native IPv6 is essential. We offer native IPv6 with all our servers by default, complete with reverse DNS. This means that our entire infrastructure is IPv6 supported. Dedicated servers with native IPv6 are truly future proof. We enable you to use your native IPv6 addresses instantly after your server activation.