Hackers turn MySQL.com into malware launchpad

Viruses, hackers and crackers
Post Reply
Anakha56
Forum Administrator
Posts: 22136
Joined: 14 Jun 2004, 02:00
Processor: Ryzen 1700K
Motherboard: Asus X370
Graphics card: Asus 1060 Strix
Memory: 16GB RAM
Location: Where Google says

Hackers turn MySQL.com into malware launchpad

Post by Anakha56 »

http://arstechnica.com/business/news/20 ... mpaign=rss
Hackers turn MySQL.com into malware launchpad
By Sean Gallagher | Published 34 minutes ago

As if the MySQL community doesn't have enough to worry about, a security firm is reporting that the MySQL.com website has been commandeered by hackers. And recent visitors to the MySQL.com website may have downloaded something other than the database software to their systems.

Web security firm Armorize reported in its blog today that the MySQL.com website has been turned into a launchpad for serving up malware attacks. Visitors to the home page of the site are hit with a JavaScript injection attack that has been planted on the site. The script opens an IFRAME to a malicious site, which in turn launches a BlackHole exploit "pack" that probes for known browser and plugin weaknesses and then stealthily installs malware on the visitor's PC. There's no warning button or action required by the user other than visiting the site to trigger the download.

Security blogger Brian Krebs reports that he had seen a post last week on a Russian hacker forum by a member offering to sell root access MySQL.com for $3,000. The site is owned by Oracle.
Ouch! :shock:
JUSTICE, n A commodity which is a more or less adulterated condition the State sells to the citizen as a reward for his allegiance, taxes and personal service.
User avatar
hamin_aus
Forum Moderator
Posts: 18363
Joined: 28 Aug 2003, 02:00
Processor: Intel i7 3770K
Motherboard: GA-Z77X-UP4 TH
Graphics card: Galax GTX1080
Memory: 32GB G.Skill Ripjaws
Location: Where beer does flow and men chunder
Contact:

Re: Hackers turn MySQL.com into malware launchpad

Post by hamin_aus »

Second time this year this has happened.

Well done Oracle.
Image
Post Reply