With over 12 million monthly visitors, word must get out to keep people from going to MySQL(dot)com until they get things sorted out.
This isn’t a minor annoyance. The exploits inserted by the hackers are extremely malicious and work in the background. There is no need to click on or accept anything. Simply visiting the site can cause major permanent damage to your hard drive and currently only 6 out of the 43 major malware protection services are even able to detect it.
The administrative access to perform the hack and inject the exploits, known as the BlackHole Exploit Pack, was sold through a hacker forum for $3,000.
According to Krebs on Security, “The ultimate irony of this attack is that the owner of mysql.com is Oracle Corp., which also owns Java, a software suite that I have often advised readers to avoid due to its numerous security and update problems.”
Here, we can see the exploits being enacted live by Armorize.
Leave a Reply