MySQL.com hacked, redirects users to malware-laden sites
Summary: The attack follows word at Russian underground forums that root access to MySQL.com was being sold for US$3,000.
The high-profile MySQL.com web site was hacked and rigged to redirect users to malware-laden sites, according to warnings from security researchers.
The attack, spotted by researchers at Armorize, follows word at Russian underground forums that root access to MySQL.com was being sold for US$3,000.
The hacker selling access to MySQL.com boasts that the site attracts about 12 million users per month (39,000 per day).
The malware infection, done via iFrame redirection, was active for most of Monday morning but by 3:00PM Eastern, the site appeared to be cleaned.
Armorize researchers found a multi-step site redirection was being used to push MySQL.com visitors to a domain hosting the notorious BlackHole exploit back.
It exploits the visitor's browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java, ...), and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge. The visitor doesn't need to click or agree to anything; simply visiting mysql.com with a vulnerable browsing platform will result in an infection.
The BlackHole exploit kit, available to cyber-criminals for a $1,500 annual licensing fee, is typically used to infect site visitors via drive-by downloads.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
RE: MySQL.com hacked, redirects users to malware-laden sites
1) Linux, we're constantly being told, is the world's safest OS
2) Linux is OSS so everyone can and has read every line of code and identified and eliminated every attack vector
3) DTS stakes his reputation on the above, so Linux MUST be entirely impregnible.
Right?
Right.
RE: MySQL.com hacked, redirects users to malware-laden sites
+1
;)
And when it turns out the site was hacked by someone
RE: MySQL.com hacked, redirects users to malware-laden sites
The Linux.org and now the MySql.org sites falling within days of one another proves once and for all that Linux is not immune to the malicious b@$tards out there.
I stake my reputation on it ;)
RE: MySQL.com hacked, redirects users to malware-laden sites
You have some inside information that shows both Linux.org and Mysql.org were hacked via the OS and not the web sites. Didnt think so.
RE: MySQL.com hacked, redirects users to malware-laden sites
You have either failed to read the article or just trolling. I say trolling. At the time of article Web site was hacked.
Yet you have nothing to show the OS was hacked right?
Right
DTS staked his reputation on Ubuntu, was mysql.com running Ubuntu, No.
RE: MySQL.com hacked, redirects users to malware-laden sites
Well if the root access was for sell on russian forum, it means the OS was probably hacked.I doubt MySql team where dumb to the point to leave their root access password on their web directory.
RE: MySQL.com hacked, redirects users to malware-laden sites
Hehe, good one
Microsoft behind it!!
RE: MySQL.com hacked, redirects users to malware-laden sites
"The malware infection, done via iFrame redirection ...
Jeez, iFrames are nasty. Disable the thing and use it ONLY when you must.
RE: MySQL.com hacked, redirects users to malware-laden sites
The Funny Thing, Of Course...