• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
MySQL.com hacked and was serving malware
#1
MySQL.com hacked and was serving malware

I've not got this post up as fast as I'd have liked.. so I'm just going to give you a brief overview.
  • The MySQL.com front page was compromised and had a malicious iframe injected in to it which linked to a malicious site which hosted a blackHole exploit "pack" that probes for known browser and plugin weaknesses and then stealthily installs malware on the visitor's PC.
  • The exploit didn't required any interaction or confirmation from the user.
  • Two different trojans were detected being sent to users, Troj/WndRed-C and Troj/Agent-TNV
  • Because of the nature of the iframe attack, and the redirect chain the attackers could have easily varied the payload.

Security blogger Brian Krebs reports that he had seen a post last week on a Russian hacker forum by a member offering to sell root access MySQL.com for $3,000.


Below you can see a video of the attack in action.


Check out an in-depth view of the code and more from the link below
http://blog.armorize.com/2011/09/mysqlco...-with.html
  Reply
#2
very very interesting thanks for the share i can't believe that its crazy.
[Image: i54vt3.jpg]
  Reply
#3
*didn't require
[Image: nomnomnom.jpg]
;7$=v?%v%#5>v7v8994
The decrypt code is V, I could not make it any simpler!
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  MySQL - How to reset the root password Mark 0 5,196 08-04-2014, 12:22 PM
Last Post: Mark
  MyBB.com was hacked Mark 2 23,540 07-06-2012, 12:26 AM
Last Post: Mark
  Facebook and Malware, best buddys Mark 8 16,131 05-01-2011, 04:33 PM
Last Post: latch
  McDonald's customer data is compromised after partner hacked Mark 0 5,053 31-12-2010, 05:31 AM
Last Post: Mark
  The cost of malware removal Mark 1 7,051 18-11-2010, 02:00 AM
Last Post: T3hRogue

Forum Jump: