Hacked MySQL.com infects visitors’ PCs with website malware

The MySQL.com website has been hacked and infected with a JavaScript malware mwjs159, a website malware that often spreads when compromised machines are used to access restricted FTP client servers.

PC users who used unpatched browsers and plug-ins from MySQL.com that host the open-source MySQL database management system have been infected with mwjs159, The Register reported citing Sucuri blog.

Users visiting the site were redirected to a site that attempted to install malware on visitors’ PCs using code from the Blackhole exploit kit.

The Register quoted Armorize researchers as saying that mwjs159 exploits the visitor’s browsing platform, and upon successful exploitation, permanently installs a piece of malware into the visitor’s machine, without the visitor’s knowledge.

The motive of the hackers in the MySQL.com breach appears to be a less ambitious one as they targeted desktop machines of those who visited the site.

The Sucuri scanner identified the malware as often related to stolen FTP passwords, and thus speculated that one of their developers’ PC got compromised and had his password stolen.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up