Slashdot Mirror


MySQL Servers Hijacked With Malware To Perform DDoS Attacks (symantec.com)

An anonymous reader writes with news of a malware campaign using hijacked MySQL servers to launch DDoS attacks. Symantec reports: "Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets. According to Symantec telemetry, the majority of the compromised servers are in India, followed by China, Brazil and the Netherlands, and are being used to launch attacks against a US hosting provider and a Chinese IP address."

2 of 55 comments

  1. Is there anything to read without disabling JS? by Anonymous Coward · Score: 2, Interesting

    Is there anything I can read about this without disabling NoScript on that bloody Symantec travesty of a website?

  2. Re:Windows Servers hijacked with Malware .. by Anonymous Coward · Score: 3, Interesting

    Don't forget SSHGuard or Fail2Ban so someone guessing passwords gets the ball-gag quickly. It also doesn't hurt to block geographic ranges one doesn't use, nor come from. For example, I use a VPN service (mainly as an outer layer of protection against unscrupulous Wi-Fi APs as well as Verizon's identifying tags on HTML traffic that are added.) Any connections that are either not from where I work or that VPN service I use are dropped via iptables (if I let them be dropped by TCP wrappers, the attacker would know a machine actually got the requests.)

    Bastion hosts are wise. I have mine as a VM, so I can roll it back to the state after patches/config changes were put on, every so often. Having it RSA key only is also wise... makes password guessing a non-issue. I also have root blocked, since attackers know that user, but generally not the user I use (yes, security through obscurity... but it is one additional thing an attacker has to hunt for, in order to gain access.) As a backup, I use Google's Authenticator, so if I don't have a session with an RSA key, I can use the Google Authenticator (or similar TKIP app) as 2FA.
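One way to check that a bastion host matches the setup described in comment 2 (key-only SSH, no root login, SSH reachable only from listed sources with everything else dropped by iptables). This is an added example, not part of the original thread; the function names and sample inputs are constructed for illustration. It assumes you pass in the text of `sshd_config` and of `iptables-save`, and it does not evaluate `Match` blocks or multiport rules.

```python
import shlex

# OpenSSH defaults used when a keyword is absent from sshd_config.
DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}
# Settings implied by the comment: key-only logins, no direct root login.
WANTED = {"passwordauthentication": "no", "permitrootlogin": "no"}

def audit_sshd(config_text):
    """Findings for global sshd_config keywords (sshd uses the first occurrence)."""
    seen = {}
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if not parts:
            continue
        if parts[0].lower() == "match":   # simplification: Match blocks not evaluated
            break
        if len(parts) == 2:
            seen.setdefault(parts[0].lower(), parts[1].strip().lower())
    effective = {**DEFAULTS, **seen}
    return [f"{k} is {effective[k]}, want {v}" for k, v in WANTED.items() if effective[k] != v]

def audit_iptables(save_text, port="22"):
    """Findings for iptables-save output: default drop, SSH only from listed sources."""
    findings, table, policy_drop = [], None, False
    for line in map(str.strip, save_text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":INPUT "):
            policy_drop = line.split()[1] == "DROP"
        elif table == "filter" and line.startswith("-A INPUT "):
            tok = shlex.split(line)
            to_port = "--dport" in tok and tok[tok.index("--dport") + 1] == port
            if to_port and "ACCEPT" in tok and "-s" not in tok:
                findings.append(f"port {port} open to any source: {line}")
    if not policy_drop:
        findings.append("filter INPUT policy is not DROP")
    return findings

# Constructed sample inputs (documentation address ranges, not from the page).
WEAK_SSHD = "Port 22\nPermitRootLogin yes\n"
HARD_SSHD = "PasswordAuthentication no\nPermitRootLogin no\nPermitRootLogin yes\n"
WEAK_FW = "*filter\n:INPUT ACCEPT [0:0]\n-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT\nCOMMIT\n"
HARD_FW = ("*filter\n:INPUT DROP [0:0]\n"
           "-A INPUT -s 203.0.113.0/24 -p tcp -m tcp --dport 22 -j ACCEPT\n"
           "-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j ACCEPT\nCOMMIT\n")

if __name__ == "__main__":
    for name, s, f in (("weak", WEAK_SSHD, WEAK_FW), ("hardened", HARD_SSHD, HARD_FW)):
        print(name, audit_sshd(s) + audit_iptables(f))
```

A host that enforces default-deny with a trailing catch-all DROP rule instead of a chain policy will be flagged by the policy check, so read that finding against the full rule set.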