MySQL 'Bot' Attacks Windows Systems

The bot takes advantage of the publicly released "MySQL UDF Dynamic Library

     
11:13 pm on Jan 27, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


[eweek.com...]

Malicious hackers have launched a zero-day bot attack against default Windows installations of the MySQL database engine, infecting vulnerable systems at the rate of 100 per minute, security experts warned on Thursday.
6:17 pm on Jan 28, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


[boostmarketing.com...] has more to say on the issue:

The MySpooler worm has already infected thousands of machines with many more at risk. It infects by taking advantage of weak password controlled systems and then uses a known exploit to gain entry to install a backdoor program called a "Wootbot". Once this is done the system logs into a hacker's IRC channel and hunts out other servers to infect.

Although mySQL is popular on Unix machines, only mySQL 4.0.21 for Windows is vulnerable to this attack. The SANS institute recommends blocking port 3306 and ensuring root passwords are secure enough. So "password" as a password simply won't do.
6:22 pm on Jan 28, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 22, 2002
posts:1001
votes: 0


Call me an old fuddy duddy - but anybody putting "password" as the password deserves to have some 14 year old rummaging around in their system.
6:41 pm on Jan 28, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 22, 2002
posts:2546
votes: 0


I believe one of the probs is that when you install MySQL, the "root" username is already set up with a default password of "admin". They then stress to you to change it but I'm sure many forget to.

Someone please correct me if I'm wrong :)

8:21 pm on Jan 30, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


I can't speak to that, Birdman. But, it appears to be over.

[earthtimes.org...]

'MySQL bot' database worm is halted.

 
