Re: How does it get installed?
Via a webserver running a fingerprintable CMS with unknown/unpatched vulnerabilities, and with known folders which are writable by the webserver (eg, for CMS users to use to upload images for the website) is sadly far too common a way for malware to be able to find its way aboard a server.
Biting the hand that feeds IT
