A persistent, widespread malware campaign that utilizes compromised Apache servers is locking users' computers and demanding a fee of $300 to free their data.
Researchers from Eset wrote that the ransomware scam
is an extension of a long-running attack that compromises the infrastructure of web hosting companies with a variant of a malicious Apache module called "Darkleech."
"Malicious modification of server binaries seems to be a very popular trend for malware distribution," wrote Sebastien Duquette, an Eset malware researcher, on a company blog
Eset also suspects that hackers also may have figured out how to compromise CPanel
, which are both software programs used by hosting companies to manage their networks and websites.