hack serves up malware to site visitors

News hack serves up malware to site visitors

Jenny Williams

The open source database website has been hacked, leaving site visitors exposed to malicious code, according to internet reports.

Web security firm Armorize outlined the hack on its company blog, warning the Oracle-owned open source database website is serving malware.

In a blog post, Graham Cluley, senior technology consultant at Sophos, warned that simply by visiting the homepage of the website, a Java exploit downloads malicious code onto PCs running Microsoft Windows.

"The attraction for malicious hackers is obvious. reportedly receives almost 12 million visitors a month (nearly 400,000 a day), meaning there is a steady stream of potential victim computers visiting the site which could become infected through a drive-by download," he said.

Cluley added that Sophos had detected the malware as Troj/WndRed-C but the malicious software could be changed at any time by the cybercriminals.

"The infection is embarrassing to, which suffered another hack earlier this year. On that occasion, hackers exploited an SQL injection vulnerability to expose usernames and poorly chosen passwords," said Cluley.

Oracle had not responded to a request for comment at the time of publication.

Video: Armorize shows how visitors are infected with malware when visiting the site

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy