[nycbug-talk] Cdorked.A Backdoor

Jesse Callaway bonsaime at gmail.com
Fri May 10 11:04:21 EDT 2013

On May 10, 2013 10:16 AM, "Chris Snyder" <chsnyder at gmail.com> wrote:
> On Thu, May 9, 2013 at 8:17 PM, Pete Wright <pete at nomadlogic.org> wrote:
>> had some cycles to dig deeper - found a python script from eset.ie that
they believe will detect this code.  it's pretty simple - so i'm not sure
how reliable it is tbh.
> Isn't detection a matter of comparing the system's httpd to a known-clean
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
often,yes. sometimes no?

but yeah if it's a binary install then checksumming would be a great first
approach. what's scary about all this is there's no vulnerability that's
been pointed out... just seems to magically infect
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20130510/7ab5c24f/attachment.html>

More information about the talk mailing list