A malicious script targeting a year-old vulnerability may be tied to the DarkLeech attack campaign. The script was spotted targeting a Horde/IMP Plesk Webmail vulnerability that exists in unpatched versions of the Parallels Plesk control panel software. Cisco TRAC analyzed several thousand compromised Web servers and tracked them back to their associated hosts. The attackers infected the servers with an SSHD backdoor that enables them to upload and configure malicious Apache modules that are, in turn, used to inject malicious iFrames onto legitimate sites.”]