Security vendor SecureWorks reported this week that the mass attack launched against Apache web servers running on the open-source Linux operating system can be thwarted by disabling dynamic loading in the Apache configuration.

The attack, originally thought to have impacted several hundred websites, actually has infected about 10,000 websites, including some in the United States but mostly in the United Kingdom and India, according to SecureWorks.

The compromised websites, mostly hobby and travel sites without security administrators to keep them updated, can infect their visitors with malicious JavaScript code that can steal a variety of personal information, including bank user names and passwords, Social Security and credit card numbers and online payment accounts, according to SecureWorks.

More Here