Mysql Exploit Infected Several Thousand Servers
Source: a11news.com
WinZipIces.cn - Several thousand websites have been hacked by a MySQL exploit that redirects visitors to WinZipIces.cn where a phishing trojan is downloaded onto your PC.
Prominent sites affected by the WinZipIces.cn hack are WiredSeniors.com, CGSI.org, MoviesUnlimited, SeniorsTravelGuide.com, CancerIssues.com, USSC.edu, UCLA.edu, telluride-co.gov, and thousands more hacked websites which are similarly infected worldwide.
The WinZipIces phishing exploit launched by Chinese hackers using an automated ****** that searches for an unpatched SQL vulnerability on web servers downloads two files onto visitors computers, JS_DLOADER.AEHM and TROJ_REALPLAY.BR.
Both these initial files in turn download TROJ_AGENT.AKVP onto the infected system of visitors to these hacked websites.
Users should make sure their own personal computers are not infected by the WinZipIces hack by having current antivirus software and firewalls installed and active on their PCs.
Website hosting providers should check their servers to be sure all patches have been applied to vulnerable servers. Experts expect the wave of infected sites to continue for the next week to ten days.
BitDefender added detection for this threat yesterday, May 10, 2008.
Related links: