MIT Server Used in Drive-By Attack

A server at the Massachusetts Institute of Technology was hijacked by hackers and used to launch drive-by attacks.  The server hosted a malicious script that was used to scan the internet for vulnerable websites and found vulnerable installations of phpMyAdmin which is a web-based database administration tool.  The script would locate these vulnerable servers and inject malicious code into the database and over 100,000 sites were affected by this attack.  According to BitDefender they tried to contact MIT, but received no response.  The server is still online, but is no longer being used to attack websites and BitDefender stated that hackers like to use servers from large organizations because it is easier for them to get through network filters.  Also by the time the script is found, it will already have affected more people than a regular bot-infected PC.

http://www.computerworld.com/s/article/9221444/MIT_server_hijacked_and_used_in_drive_by_attack_campaign?source=rss_networking&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F142+%28Computerworld+Network+Security+News%29

Advertisements