Three years ago, researchers at Yandex discovered a complex server infection, dubbed Mayhem, that embeds itself deep within a system by compiling a shared object and running as a service. This also allows the malware to operate under restricted privileges, and is difficult to clean up effectively – even if an infected site gets restored from a backup, the malware would still be there.
Mayhem is essentially a malicious bot for web servers.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Jose Martinez. Read the original post at: https://blog.sucuri.net/2017/10/mayhem-malware-server-botnet-continues-to-evolve.html