Botweb using compromised Linux servers

Over at the Unmask Parasites blog, periodic BadwareBusters.org contributor Denis reports on a botweb (a term coined by our own Oliver Day) that he’s been investigating:

What we see here is a long awaited botnet of zombie web servers! A group of interconnected infected web servers with common control center involved in malware distribution. To make things more complex, this botnet of web servers is connected with the botnet of infected home computer (the malware they serve infects computers and turns them into zombies).

The blog post contains a much more thorough analysis of the issue and is worth a read, especially if you work for a hosting provider or manage Linux-based web servers. Meanwhile, we’ve reached out to Denis to see if we can assist in notifying providers that are hosting compromised servers.