MySQL servers under botnet attack, report

Cybercriminals are using Ddostf malware botnet to turn MySQL servers into a DDoS-as-a-Service platform, using brute-force attacks on weak admin accounts or exploiting MySQL flaws. The hackers also utilize user-defined functions on Windows MySQL servers to execute commands, offering potential for other malicious activities. The Ddostf botnet has been active for seven years due to its ability to connect to fresh C2 addresses, resisting takedowns.