More than 8,000 Windows computers running the MySQL database were probably infected with the worm program, referred to as the MySQL bot worm or by the name of the executable file, SpoolCLL, that the worm installs on vulnerable machines. The program did not spread on its own, but downloaded targets from several Internet relay chat (IRC) servers. Those several have been made inaccessible, virtually stopping the worm, said Oliver Friedrichs, senior manager for incident response at security technology maker SymantecMore info at CNET
Spreading of MySQL worm halted
Posted on Sunday, January 30 2005 @ 3:00 CET by Thomas De Maesschalck
Symantec reports that the MySQL worm has stopped spreading on Friday, after infected systems were cut off from the control of several central computers.