A large scale attack is occurring against Linux Apache web servers. According to Don Jackson, a senior researcher at SecureWorks, the attack has been successful because it uses an automated password and installation process. He says the attack has hit at least 10,000 servers.

"The Web server ends up serving up vulnerabilities from 2006 related to Windows malware," Jackson told Network World. "The whole attack is very mysterious. It's based on a botnet but it doesn't match the Russian and Chinese groups and may be Western Europe or North American."

The attack uses Rbot and Sdbot malware and targets vulnerabilities found in quicktime, AOL SuperBuddy and Yahoo Messenger. Jackson says to protect against the attack, network managers should disable "dynamic module". There is evidence of a similar attack aimed toward Microsoft's Internet Information Server, but it hasn't become widespread like the Linux attack.