With the obvious reliability of GNU/Linux and Apache web-server we have been a bit too relaxed. Unlike those folks running that other OS who get zero-day attacks every few weeks, we have to wait a year or so for something interesting to come along…
“The ongoing attacks, estimated to have infected 20,000 websites in the past few weeks alone, are significant because of their success in targeting Apache, by far the Internet’s most popular Web server software. Once it takes hold, Darkleech injects invisible code into webpages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites, researchers said. Although the attacks have been active since at least August, no one has been able to positively identify the weakness attackers are using to commandeer the Apache-based machines.”
see Exclusive: Ongoing malware attack targeting Apache hijacks 20,000 sites
Fortunately there are millions of Apache sites, so mine might survive until a fix is released. It could be nothing more than weak passwords/keys or a vulnerable web-application. Stay tuned.