MySQL.com hacked again

MySQL.com is found serving malware after the second known hack on the website this year.

MySQL

For the second time in a year, MySQL.com has been hacked and is serving malware.

Security firm Amorize found some highly obfuscated injected JavaScript on the website, noting that visitors would be hit by the BlackHole exploit kit.

"It exploits the visitor's browsing platform ... and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge," the company's co-founder Wayne Huang said in a blog post.

"The visitor doesn't need to click or agree to anything - simply visiting MySQL.com with a vulnerable browsing platform will result in an infection."

Huang said he was unsure who was behind the attack. Amorize was attempting to contact MySQL.com yesterday, but had not confirmed if the site had responded.

On the KrebsonSecurity blog, Brian Krebs claimed he had found evidence administrative access to MySQL.com was being sold in an "exclusive Russian hacker forum." The seller went by the name of sourcec0de.'

Worryingly for IT departments, using test site Virus Total, Huang showed only six out of 43 anti-virus engines could detect the malware being served by MySQL.com. When the company first blogged, only four were able to do so.

The video below shows how MySQL.com was serving malware:

MySQL.com was hacked in March 2011, ironically by an SQL injection attack.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021