1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hackers infect MySQL servers with malware for DDoS attacks

Discussion in 'CSO' started by RSS, Oct 29, 2015.

  1. RSS

    RSS New Member Member

    Hackers are exploiting SQL injection flaws to infect MySQL database servers with a malware program that's used to launch distributed denial-of-service (DDoS) attacks.

    Security researchers from Symantec found MySQL servers in different countries infected with a malware program dubbed Chikdos that has variants for both Windows and Linux.

    This Trojan is not new and was first documented in 2013 by incident responders from the Polish Computer Emergency Response Team (CERT.PL). At that time the malware was being installed on servers after using brute-force dictionary attacks to guess SSH (Secure Shell) login credentials.

    MORE ON CSO: How to spot a phishing email

    However, the new attacks observed by Symantec abuse the user-defined function (UDF) capability of the MySQL database engine. UDF allows developers to extend the functionality of MySQL with compiled code.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page