Ouch!Hackers turn MySQL.com into malware launchpad
By Sean Gallagher | Published 34 minutes ago
As if the MySQL community doesn't have enough to worry about, a security firm is reporting that the MySQL.com website has been commandeered by hackers. And recent visitors to the MySQL.com website may have downloaded something other than the database software to their systems.
Web security firm Armorize reported in its blog today that the MySQL.com website has been turned into a launchpad for serving up malware attacks. Visitors to the home page of the site are hit with a JavaScript injection attack that has been planted on the site. The script opens an IFRAME to a malicious site, which in turn launches a BlackHole exploit "pack" that probes for known browser and plugin weaknesses and then stealthily installs malware on the visitor's PC. There's no warning button or action required by the user other than visiting the site to trigger the download.
Security blogger Brian Krebs reports that he had seen a post last week on a Russian hacker forum by a member offering to sell root access MySQL.com for $3,000. The site is owned by Oracle.
Hackers turn MySQL.com into malware launchpad
-
- Forum Administrator
- Posts: 22136
- Joined: 14 Jun 2004, 02:00
- Processor: Ryzen 1700K
- Motherboard: Asus X370
- Graphics card: Asus 1060 Strix
- Memory: 16GB RAM
- Location: Where Google says
Hackers turn MySQL.com into malware launchpad
http://arstechnica.com/business/news/20 ... mpaign=rss
JUSTICE, n A commodity which is a more or less adulterated condition the State sells to the citizen as a reward for his allegiance, taxes and personal service.
- hamin_aus
- Forum Moderator
- Posts: 18363
- Joined: 28 Aug 2003, 02:00
- Processor: Intel i7 3770K
- Motherboard: GA-Z77X-UP4 TH
- Graphics card: Galax GTX1080
- Memory: 32GB G.Skill Ripjaws
- Location: Where beer does flow and men chunder
- Contact:
Re: Hackers turn MySQL.com into malware launchpad
Second time this year this has happened.
Well done Oracle.
Well done Oracle.