MySQL servers hit by DDoS malware botnet

Hackers are targeting vulnerable MySQL servers to incorporate them into a DDoS botnet, using the User-Defined Functions (UDF) feature to run commands. After compromising a server, the attackers use UDF to download Ddostf malware and rent the botnet as DDoS-as-a-Service to other hackers. Regular updates and strong login credentials can help protect against such attacks, according to AhnLab Security Emergency Response Center researchers.