This was a collaborative research effort with our friends at ESET, here is their breakdown of what they saw: <a href="http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/" rel="nofollow">http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-ap...</a>