Attackers are turning MySQL servers into DDoS bots
▻http://www.net-security.org/malware_news.php?id=3134
Someone has been compromising MySQL servers around the world and using them to mount DDoS attacks. The latest targets of these attacks are an (unnamed) US hosting provider and a Chinese IP address.
Most of the servers affected in this campaign are located in India, China, Brazil and the Netherlands, but others can be found around the globe.
Uses variant of #Chikdos Trojan
• SQL injection to install malicious user-defined function (UDF) on target server, then loaded into SQL and executed
• UDF acts as downloader and compromise server to get remote access
• UDF downloads two variants of Chikdos trojan from 2 compromised sites.