March 28, 2011, 12:33PM
Romanian Duo Hacks MySql.com
1 Comment
The Web site MySQL.com and other Web servers belonging to Oracle Corp.'s Sun Microsystems division were compromised on Sunday by Romanian hackers who took advantage of a SQL injection vulnerability in an application running on the server.
A group of Romanian hackers using the handles TinKode and Ne0h broke into the Web servers hosting MySQL.com, the main Web site for the open source database product, as well as sister sites for the French, German, Italian and Japanese markets. The hackers posted account credentials for MySql.com administrators, including the account credentials for Robin Schumacher, MySQL's Director of Product Management, and Kaj Arnö, MySQL's VP of Community and others.
In a post claiming responsibility for the hack, the two hackers said they attacked a parameter on an application running on the MySQL.com Web sites that was vulnerable to SQL Injection. Other MySQL installations were not believed to be vulnerable to the attack, assuming they are not running the same application, said Stefan Tanase, a security researcher at Kaspersky Lab.
Editor's Pick
The vulnerability isn't the first disclosed for the MySQL.com domain, which supports the global community of developers working on the MySQL database. In January, Tinkode also published information on a cross site scripting vulnerability on the same Web domain. Tanase said the duo have taken responsibility for other high profile compromises, but are not believed to be malicious hackers, but are quick to disclose vulnerabilities, often not giving the affected party time to plug the hole before it is disclosed or compromised.
SQL injection vulnerabilities allow remote attackers to compromise the security of SQL databases and, in some cases, gain remote access to the database and its content. They work by injecting malicious SQL code into user input statements (for example: Web forms) that are incorrectly filtered by the application.
SQL injections are the most common type of Web borne attack and have played a central role in recent high-profile breaches, including the compromise of DC security vendor HB Gary.
Commenting on this Article is closed.
Today's Most Popular
- Report: Diablo III Users Find Accounts Hacked, Gold Stolen And New 'Mystery' Friends
- Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
- Why Google Won't Protect You From Big Brother
- Dear Jailbreaker, Apple Wants to Have a Word with You
Most Commented Stories
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 62
Follow Threatpost
 |  |  |  |
| Tumblr |
Comments
not malicious? Let's see..they tested for and exploited a vulnerability on the website, stole login information and posted it on the Internet. How does one rationalize that as "not malicious"?