PCFormat Forum Archive

Hackers turn MySQL.com into malware launchpad
By Sean Gallagher | Published 34 minutes ago

As if the MySQL community doesn't have enough to worry about, a security firm is reporting that the MySQL.com website has been commandeered by hackers. And recent visitors to the MySQL.com website may have downloaded something other than the database software to their systems.

Web security firm Armorize reported in its blog today that the MySQL.com website has been turned into a launchpad for serving up malware attacks. Visitors to the home page of the site are hit with a JavaScript injection attack that has been planted on the site. The script opens an IFRAME to a malicious site, which in turn launches a BlackHole exploit "pack" that probes for known browser and plugin weaknesses and then stealthily installs malware on the visitor's PC. There's no warning button or action required by the user other than visiting the site to trigger the download.

Security blogger Brian Krebs reports that he had seen a post last week on a Russian hacker forum by a member offering to sell root access MySQL.com for $3,000. The site is owned by Oracle.