MySQL Website InfectedAdded: Friday, September 30th, 2011
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
According to the report of some Internet security outfit, the Mysql.com website has recently been hacked. They warn everyone that the site is currently serving malware.
Security outfit Armorize announced that they have found the intrusion through its site malware monitoring platform known as HackAlert. The latter also sends the Internet users angry emails most days.
It seems that the Mysql.com website has been injected with some script generating an iFrame, which redirects the Internet users to a jaw-breaker “http://truruhfhqnviaosdpruejeslsuy.cx.cc/main.php”. Once you get there, your browser will be tinkered by the BlackHole exploit pack, which is hosted at the abovementioned link. This wonderful pack permanently installs a piece of malware into your computer, and you won’t even notice the action. The matter is that the installation package doesn’t require you to click or agree to anything, so the malware will be integrated into your machine without your knowledge.
Since this kind of malware is still unknown for the most of the security labs, only 9% of anti-virus applications are able to detect and block it. You can imagine the number of the computers that will potentially be infected, turning out to be among the rest 91% of unprotected machines.
Meanwhile, the domain name you reach through the iFrame is located in Germany, but registered to Christopher J Klein from Miami. Meanwhile, the domain that distributes the exploit pack and the malware resides in Stockholm, Sweden.
Other security experts point out that this hack might be connected to the fact revealed recently by Trend Micro researchers, who announced to discover a denizen of some Russian underground forum engaged into selling root access to a number of the cluster servers of mysql.com, along with its subdomains. The guys ask at least $3,000 for each access. The security company admitted it has notified mysql.com admins of this fact more than a week ago.
September 30th,2011Posted by:
Friday, September 30th, 2011
|posted by (2011-09-30 15:31:40)|
Most firewalls include a sandbox, the IFRAME to the malicious site can also be blocked in your browser.
Sounds like The company Armorize is patting themselves on the back.
all kinds of different sites Sites have been dropping Trojans for years,
You can bet Oracle will spend some major cash to prevent it again.
Are they trying to scare us all into using the free VMPlayer with Ubuntu 5.10? LOL
|you use a browser that allows active x and that is what your going to get.|
Use a browser that doesn't use this active x; which the only co. that really uses it is microcrap.
I have mine all locked down and I visit a site and it tells me I need to allow this and that I am out of there and don't go back...
|posted by (2011-10-03 08:14:18)|
|Sounds like the act of a disgruntled employee.|
Most Popular Stories