

According to a recent report from Cisco, a piece of malware known as Darkleech has infected tens of thousands of web servers running Apache v2.2.2 and above. SiliconAngle contributing editor John Casaretto provided more details on this latest cyberthreat on this morning’s NewsDesk segment (full video below).
Casaretto starts by saying that Darkleech is all but a mystery: security experts know what it does, but that’s about it.
Darkleech exploits a zero-day vulnerability in Apache to infect websites with an SSHD backdoor that allows hackers to upload malicious code to the hosting server. That payload contains a randomized, unpredictable algorithm that opens connections to third-party sites infected with malware, and a component that blocks IP addresses associated with major cybersecurity firms.
Casaretto explains that Darkleech is a major cause of concern for several reasons: it targets Apache, which powers 65 percent of all websites on the internet, and it has apparently been around since August last year. Even more concerning is the fact that experts have not yet identified the loophole that the virus exploits, which means that a fix is nowhere in sight.
Adding insult to injury, Darkleech is incredibly hard to detect. Admins who do manage to spot it in their code have only one option at the moment: retrieve what they can from the infected server and wipe it clean. Casaretto advises end-users to use malware detection and removal tools from leading vendors to make sure that they are protected.
It’s not clear whether Darkleech is the work of a hacktivist group, a state-sponsored body or some other entity. Casaretto says that the only thing we know for certain is that the perpetrators, whoever they may be, know what they are doing.