MySQL worm attacks databases

Posted on Friday, Jan 28 2005 @ 19:58 CET by Thomas De Maesschalck
A new worm has been discoverd that exploits weak MySQL installations on Windows-based platforms.

The SANS Institute's Storm Centre said that the MySQL worm takes advantage of weak passwords and the database's support for remote configuration. It is said that thousands of vulnerable databases have been infected by this worm so far.
The bot uses the known "MySQL UDF Dynamic Library Exploit". In order to launch itself, the bot first has to authenticate to MySQL as the "root" user. A long list of passwords is included with the bot, and it will try a brute force technique to get the password.
The insitute said that MySQL users should use stronger passwords and need to make use of a firewall to prevent infection and spreading of this worm.

More info at ComputerWeekly


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments



Use Disqus to post new comments, the old comments are listed below.


Re: MySQL worm attacks databases
by Anonymous on Friday, Jan 28 2005 @ 21:39 CET
next time try to use spellchecker before posting