• Business
• Internet
• Marketing
• Money
• Security
• SEO
• Software
• Technology
• Webmaster


• Interviews
• Reviews
• Tutorials

• Archives

  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006
  • January 2006
  • December 2005
  • November 2005
  • October 2005
  • September 2005
  • August 2005
  • July 2005
  • June 2005
  • May 2005
  • April 2005
  • March 2005
  • February 2005
  • January 2005
  • December 2004
  • November 2004
  • October 2004
  • September 2004
  • August 2004
  • February 2004
  • January 2004

January 30, 2005

MySQL worm goes on rampage - is shut off at source

by brian_turner

If you're new here, you may want to subscribe to my RSS feed. Thank you for visiting!

A worm that exploited Windows installations of MySQL wraeked havoc yesterday as it spread rapidly across the internet.

Known as the MySpooler worm, it attempts to force its way in with a database of potential passwords, and once in it uses the the MySQL UDF Dynamic Library exploit to upload malicious code from an IRC channel - in this instance, the Wootbot trojan).

The MySpooler worm was believed to have infected as many as 4,500 machines per hour at its peak, and specifically targeted Windows machines running MySQL 4.0.21 or later, because these have elevated privileges over Unix installs which otherwise shield critical systems from MySQL operations.

However, CNet reports in MySQL worm halted that Symantec reports that the IRC channels were eventually shut down, effectively isolating the worm, but only after thousands of machines were turned into zombies.

The exploit involved was apparently reported as far back as July 2004, and code publicly released on the internet in December.

Discuss this in the Internet Business forums

Story link: MySQL worm goes on rampage - is shut off at source

Add to Bookmarks:

 

 

Previous: « BBA: 5 year low on mortgage lending
Next: Cisco triple router vulnerabilities in IOS »

Visited 793 times, 3 so far today

• Recent Posts

  • vbulletin updates: 3.7.2 Patch Level 2, vb 3.7.3, vb 3.8 and vb4.0
  • Cheap SEO: you get what you pay for
  • Dell’s new business laptops for Digital Nomads
  • The importance of praise for good work
  • Giant London cheesegrater gets shelved

• Most read today

  • Forum admins warned on new wave of spam
  • 10 reasons why Yahoo search sucks
  • Santy: Automated attack on phpbb forums
  • Sex.com - the story continues
  • Google Adwords targeted in phishing attacks

• Most read to date

  • Google tops list of 10 leading e-commerce developments
  • Forum admins warned on new wave of spam
  • Nanjing Auto to build new cars at Longbridge
  • Firefox 2 releases privacy storm
  • Sex.com - the story continues