Platinax: For EntrepreneursPlatinax Business ForumPlatinax Business NewsPlatinax Business DirectoryBusiness Blog
 
January 30, 2005

MySQL worm goes on rampage - is shut off at source

Link: MySQL worm goes on rampage - is shut off at source

by brian_turner

A worm that exploited Windows installations of MySQL wraeked havoc yesterday as it spread rapidly across the internet.

Known as the MySpooler worm, it attempts to force its way in with a database of potential passwords, and once in it uses the the MySQL UDF Dynamic Library exploit to upload malicious code from an IRC channel - in this instance, the Wootbot trojan).

The MySpooler worm was believed to have infected as many as 4,500 machines per hour at its peak, and specifically targeted Windows machines running MySQL 4.0.21 or later, because these have elevated privileges over Unix installs which otherwise shield critical systems from MySQL operations.

However, CNet reports in MySQL worm halted that Symantec reports that the IRC channels were eventually shut down, effectively isolating the worm, but only after thousands of machines were turned into zombies.

The exploit involved was apparently reported as far back as July 2004, and code publicly released on the internet in December.





>> Discuss this story in the Platinax Business Forum

Add to Bookmarks:

  • ADD TO DEL.ICIO.US
  • ADD TO DIGG
  • ADD TO FURL
  • ADD TO NEWSVINE
  • ADD TO NETSCAPE
  • ADD TO REDDIT
  • ADD TO STUMBLEUPON
  • ADD TO TECHNORATI FAVORITES
  • ADD TO SQUIDOO
  • ADD TO WINDOWS LIVE
  • ADD TO YAHOO MYWEB
  • ADD TO GOOGLE
  • ADD TO SPURL
  •  


    Most recent news stories:


    Paypal Europe to move to Luxembourg
    Dragons Den to begin Series 5
    BT Vision to offer CBS Paramount programming
    University cluster boasts 182 terabytes of storage
    Minority technology to kill mouse
    Wi-fi Attacks Threaten Café Hotspots
    VeeSee TV debuts IPTV for the deaf
    LTE standard promises 100Mbps connectivity
    Laptop theft up 6% in UK
    IE8 to work with CSS2


    Related posts to "MySQL worm goes on rampage - is shut off at source":


    Self-healing worm on rampage
    Anti-Santy-Worm V4
    Morris Worm: 16 years ago today
    New MyDoom Worm
    The Worm that didn’t turn

    No Comments »

    No comments yet.

    Leave a comment