New Worm Compromises Linux Servers: 3,500 Systems Infected and Attacking

A new worm that attacks Linux Web servers has compromised more than 3,500 machines, creating a rogue peer-to-peer network that has been used to attack other computers with a flood of data, security experts said Saturday. The worm seems to . . .

A new worm that attacks Linux Web servers has compromised more than 3,500 machines, creating a rogue peer-to-peer network that has been used to attack other computers with a flood of data, security experts said Saturday. The worm seems to spreading fairly rapidly, according to security company Symantec, which early Friday detected about 2,000 infected computers that were actively attacking--a number that climbed to 3,500 late Friday. The company's security personnel could not be contacted for comment Saturday.

"It is confirmed through various sources that this worm is in the wild and actively attacking other servers," the company warned its newest advisory Saturday.

The worm targets Apache Web server installations on a variety of Linux systems, including those from Red Hat, SuSE, Debian, Mandrake and Slackware. By exploiting a security hole in the Apache OpenSSL module that enables a widely used encrypted communications service known as the secure socket layer, the worm can copy itself to new servers.

The link for this article located at news.com is no longer available.