In this post we’ll unpack a short — but no less serious — attack that affected some Linux-based systems, on October 31. Throughout the campaign, the attacker used a chain of vulnerabilities including the infamous Drupalgeddon2 and DirtyCOW, and system misconfigurations to persistently infect vulnerable Drupal web servers and take over user machines.

https://www.imperva.com/blog/dirtycow-bug-drives-attackers-to-a-backdoor-in-vulnerable-drupal-web-servers/