Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Hits Windows Machines Running MySQL

Posted by michael on from the batten-the-ports-prepare-for-heavy-weather dept.

UnderAttack writes "A report on the Australian whirlpool forum suggest that a worm is currently taking out MySQL servers running on Windows. We have seen this happen with MSSQL before (not just 'Slammer', but also SQLSnake that used SA accounts without password). The SANS Internet Storm Center suggests that a rise in port 3306 scans can be attributed to the new worm, and is asking for observations to help figure this out. It appears the worm creates a file called 'spoolcll.exe'."

4 of 367 comments (clear)

  1. slashdot rulez by Anonymous Coward · · Score: 0, Flamebait

    ... its always first with 3 week old news. The virus was reported on January 5th.

  2. Re:Clarity by pete-classic · · Score: 0, Flamebait

    Dear fuckhole moderators,

    This was like the fourth post in the thread. How is it redundant?

    With Lots of Love,
    Peter "I wish Technocrat Didn't Suck" Hutnick

  3. Re:Acronym madness clarification. by caino59 · · Score: 0, Flamebait

    you're not familiar with the default settings, eh?

    windows is not an OS for dumb people - it takes a lot of work and effort to secure it...
    other OS's are a lot more secure out of the box

    unfortunately, it's the morons (glaring generality, yes.) that use windows, and the more informed using the other OS's....

  4. It says WINDOWS in the TITLE by Anonymous Coward · · Score: 0, Flamebait

    nt