ESET Reported that more than 400 web servers infected with the backdoor Linux/Cdorked.A, including ranked ones among top 50 websites.
They also found, Lighttpd and nginx web servers also are affected by this backdoor. as mentioned in their report, which further mentioned
“we found it will not deliver malicious content if the victim’s IP address is in a very long list of blacklisted IP ranges, nor if the victim’s internet browser’s language is set to Japanese, Finnish, Russian and Ukrainian, Kazakh or Belarusian.”
Eset was able to found the backdoor last month,
Researchers are still not able to find how the web servers are effected.
Don’t be a silent user let us know what do you think about it in comments below 🙂
