A persistent, widespread malware campaign that utilizes compromised Apache servers is locking users' computers and demanding a fee of $300 to free their data.
Researchers from Eset wrote that the
ransomware scam is an extension of a long-running attack that compromises the infrastructure of web hosting companies with a variant of a malicious Apache module called "Darkleech."
"Malicious modification of server binaries seems to be a very popular trend for malware distribution," wrote Sebastien Duquette, an Eset malware researcher, on a
company blog.
Eset also suspects that hackers also may have figured out how to compromise
CPanel and
Plesk, which are both software programs used by hosting companies to manage their networks and websites.