October 28, 2015
Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets.
Symantec have discovered malware that targeted MySQL servers to make them conduct distributed denial-of-service (DDoS) attacks against other websites. The attackers initially injected a malicious user-defined function (Downloader.Chikdos) into servers in order to compromise them with the Trojan.Chikdos.A DDoS malware
According to telemetry, the majority of the compromised servers are in India, followed by China, Brazil and the Netherlands.