A new Apache exploit discovered and analyzed by Eset injects malware into Web pages on a Web server. Linux/Chapro.A “tricks” the unsuspecting Apache software into infecting a visitor’s machine. The malware pushes a pop-up message to the banking customer asking for a bank card CVV code. If the user falls for it and provides it, that information as well as banking credentials go to the bad guys. The attack employs multiple stealth modes to mask it from website operators, including website operators.”]
Source: https://www.darkreading.com/attacks-breaches/new-apache-server-attack-discovered