nomadlogic at gmail.com
Thu May 9 22:13:01 UTC 2013
On Thu, May 9, 2013 at 2:52 PM, Joshua Isom <jrisom at gmail.com> wrote:
> On 5/9/2013 12:19 PM, Per olof Ljungmark wrote:
>> Is Apache on FreeBSD affected?
> Technically, Apache isn't the problem. The hole's in cPanel probably, not
> Apache. The attackers replace Apache, probably patching the source code and
> replacing the host's with a trojaned copy. If they're patching the source
> code, then yes, FreeBSD, Windows, OS X, Solaris, OpenBSD, et al are possibly
I am not sure that is the case from the research I have been doing on
this topic. For example there are reports of it being detected on
lighttpd, nginx and systems that do not use cpanel:
If anyone has a better rundown of this it would be great if you could
point me in the right direction. I am having problems finding a
proper examination/explanation of this backdoor.
More information about the freebsd-questions