The MySQL.com website, one of the domains compromised in the attack
(WEB HOST INDUSTRY REVIEW) — According to several reports appearing Monday, the MySQL.com website, belonging to Oracle, was compromised over the weekend by a pair of Romania-based hackers, who published usernames and passwords for some users of the site.
The hackers calling themselves “TinKode” and “Ne0h” took credit for the attack, saying they had used a SQL injection attack to access a list of domains that included mysql.com, mysql.fr, mysql.de, mysql.it and www-jp.mysql.com.
A report posted Tuesday on eWeek said the same two hackers had compromised several subdomains of Sun.com, another Oracle property. The article links a blog on Baywords, operated by TinKode, which provides more details on the compromised sites.
Following the original attack, the hackers posted a dump of stolen information on Pastebin, including passwords for a group of MySQL database users on the server, as well as the admin passwords for the corporate blogs of two former employees, Robin Schumacher and Kaj Arno. Neither blog had been recently updated.
Oracle acquired both MySQL.com and Sun.com in its acquisition of Sun Microsystems in 2009. The company has reportedly yet to issue any public statement on the compromise of either domain.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
