Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MySQL.com compromised spreading malware

Published: 2011-09-26
Last Updated: 2011-09-26 21:50:32 UTC
by Jason Lam (Version: 1)
6 comment(s)

MySQL.com have been compromised and spreading malware. This was first spotted by the folks over at Amorize. Looks like there is a piece of Javascript on mysql.com containing some obfuscated iframe link which in turn link the user to the malicious content - Blackhole exploit kit. A torrent of exploits then hit the user's browser, PDF component, Java..

The issues had now been cleaned up on mysql.com but no further words on the scope of the compromise. It also appears to be the second time this year. In the last incident, SQL injection was used to gain access to the information on the site.

 

Keywords: compromised
6 comment(s)
Diary Archives