Skip navigation
Help

The Los Angeles Times

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.
Original author: 
Dan Goodin

Aurich Lawson / Thinkstock

Tens of thousands of websites, some operated by The Los Angeles Times, Seagate, and other reputable companies, have recently come under the spell of "Darkleech," a mysterious exploitation toolkit that exposes visitors to potent malware attacks.

The ongoing attacks, estimated to have infected 20,000 websites in the past few weeks alone, are significant because of their success in targeting Apache, by far the Internet's most popular Web server software. Once it takes hold, Darkleech injects invisible code into webpages, which in turn surreptitiously opens a connection that exposes visitors to malicious third-party websites, researchers said. Although the attacks have been active since at least August, no one has been able to positively identify the weakness attackers are using to commandeer the Apache-based machines. Vulnerabilities in Plesk, Cpanel, or other software used to administer websites is one possibility, but researchers aren't ruling out the possibility of password cracking, social engineering, or attacks that exploit unknown bugs in frequently used applications and OSes.

Researchers also don't know precisely how many sites have been infected by Darkleech. The server malware employs a sophisticated array of conditions to determine when to inject malicious links into the webpages shown to end users. Visitors using IP addresses belonging to security and hosting firms are passed over, as are people who have recently been attacked or who don't access the pages from specific search queries. The ability of Darkleech to inject unique links on the fly is also hindering research into the elusive infection toolkit.

Read 14 remaining paragraphs | Comments

0
Your rating: None


Waiting for Free Medical Care. Virginia 2009

Katie Falkenberg (b. 1981, United States) is a freelance photographer based in Los Angeles, California. She began her career photographing the 2004 presidential campaign, which led her to Washington, D.C., where she covered the White House, Capitol Hill, and other stories throughout the nation’s capital. In the fall of 2006, Katie joined the staff of The Washington Times where assignments took her from the hollows of West Virginia to the mountains of Pakistan. Her photography and multimedia work have been awarded by Pictures of the Year International, the White House News Photographers Association, Editor & Publisher, and the NPPA. Her work has appeared in The New York Times, The Los Angeles Times, Newsweek, TIME, Rolling Stone, GQ, and Vanity Fair, among others.

About the Photograph:

“At the Remote Area Medical (RAM) clinic in southwestern Virginia, thousands of people gathered outside of the fairgrounds gate each morning before dawn, waiting for their number to be called so they could enter into the clinic to receive free dental, vision, and medical treatment. The people in this photograph were still outside of the gate in the afternoon, hoping to be called before they stopped accepting patients. The family to the left of the photo said that this was a “once-a-year effort to get their eyes and teeth worked on,” so they were willing to wait as long as it took to get in. Most of the people who came to the clinic said that if it were not for RAM, they would go without this vital care. People drove hundreds of miles and waited for hours, even days, sleeping in their cars and tents outside the fairgrounds gate, hoping to make the cut-off of those admitted. Still, at the end of the weekend, some people had to be turned away as time ran out.”

Bookmark and Share

0
Your rating: None