Compromised web servers used to launch DDoS attacks
Written by Terence Sequeira
Monday, 17 May 2010 05:30

Researchers have discovered a botnet of web servers that is being used to launch devastating distributed denial-of-service (DDoS) attacks against a Dutch ISP.

Servers offer more bandwidth for launching an attack than PCs do. Additionally, malware can remain undetected on servers for longer, since many of them have no anti-virus software installed.

An attacker by the name of “Exeman” has infected around 400 web servers with a simple 40-line PHP script, which includes a malicious application that can be used to launch DDoS attacks.

The application provides a dashboard and control panel that can be used to input the URL of an intended target and configure the IP, port and duration of the attack. It is suspected that the attacker may have leveraged a common flaw, called a remote file inclusion vulnerability, to compromise the servers.

In nearly one out of every three attacks, hackers were able to disrupt service. Many organizations incurred millions of dollars in losses for each hour online services were down.

Ref: http://www.scmagazineus.com/servers-hacked-to-launch-more-powerful-dd...