ESET warned Zeus trojan is attempting to infect Linux machines through iFrame attacks. The malware can automatically hijack websites hosted on compromised servers to attack web surfers with drive-by-downloads. It targets machines running 64-bit GNU/Linux and a web server, and acts like a rootkit by hiding itself from admins. When a user visits a site hosted on a compromised system will be directed via HTML iFrame to malicious site thus infecting user's machine. Details of the attack first surfaced in a post to the Full Disclosure mailing list.