MySQL Servers, Docker Hosts Infected With DDoS Malware

14-Nov-23

NETWORK SECURITYDDoS Malware Affected Docker Hosts and MySQL Servers


Researchers warn that malicious software capable of executing widespread denial-of-service attacks is being planted on MySQL servers and Docker hosts by attackers.


Researchers at the AhnLab Security Emergency Response Center have released a warning stating that attackers are focusing on MySQL servers and Docker hosts in order to implant malware that may initiate distributed denial-of-service (DDoS) assaults.AhnLab reports that attacks against MySQL on Windows have become more frequent due to weak MySQL servers being infected with ‘Ddostf,’ a Chinese DDoS-capable botnet that has been active since at least 2016.



AhnLab alerts users to the fact that malevolent hackers use TCP port 3306 to search the internet for MySQL servers that are open to the public. Once they find them, they try to compromise them by either using weak credentials or taking advantage of known vulnerabilities.


Read More…