Showing entries 1 to 1
Displaying posts with tag: Trojan (reset)
MySQL and Trojan.Chikdos.A

Symantec published a blog post yesterday regarding MySQL and the Trojan.Chikdos.A as can be seen here

The Symantec post gives detail into the behavior of the Trojan and it’s effects on the Windows system registry, yet gives little detail as to how the required first stage (namely a malicious UDF) is injected, citing:

“In the latest Chikdos campaign that we observed, the attackers likely used an automated scanner or possibly a worm to compromise MySQL servers and install the UDF.”

I’m going to give my thoughts on the pre-requisites to infection here.

  1. The MySQL server has poor network isolation (i.e. is likely accessible from everywhere e.g. …
[Read more]
Showing entries 1 to 1