Deprecated - Microsoft Windows OS (XP/NT/Vista) Forum

    
MySQL 'Bot' Attacks Windows Systems
The bot takes advantage of the publicly released "MySQL UDF Dynamic Library
pendanticist




msg:1571290
 11:13 pm on Jan 27, 2005 (gmt 0)

[eweek.com...]

Malicious hackers have launched a zero-day bot attack against default Windows installations of the MySQL database engine, infecting vulnerable systems at the rate of 100 per minute, security experts warned on Thursday.

 

pendanticist




msg:1571291
 6:17 pm on Jan 28, 2005 (gmt 0)

[boostmarketing.com...] has more to say on the issue:

The MySpooler worm has already infected thousands of machines with many more at risk. It infects by taking advantage of weak password controlled systems and then uses a known exploit to gain entry to install a backdoor program called a "Wootbot". Once this is done, the system logs into a hacker's IRC channel and hunts out other servers to infect.

Although MySQL is popular on Unix machines, only MySQL 4.0.21 for Windows is vulnerable to this attack. The SANS Institute recommends blocking port 3306 and ensuring root passwords are secure enough. So "password" as a password simply won't do.

Sanenet




msg:1571292
 6:22 pm on Jan 28, 2005 (gmt 0)

Call me an old fuddy-duddy - but anybody putting "password" as the password deserves to have some 14-year-old rummaging around in their system.

Birdman




msg:1571293
 6:41 pm on Jan 28, 2005 (gmt 0)

I believe one of the probs is that when you install MySQL, the "root" username is already set up with a default password of "admin". They then stress to you to change it but I'm sure many forget to.

Someone please correct me if I'm wrong :)

pendanticist




msg:1571294
 8:21 pm on Jan 30, 2005 (gmt 0)

I can't speak to that, Birdman. But, it appears to be over.

[earthtimes.org...]

'MySQL bot' database worm is halted.
