MySQL servers targeted by ‘Ddostf’ DDoS-as-a-Service botnet

AhnLab Security Emergency Response Center (ASEC) researchers have discovered a DDoS-as-a-Service campaign by the ‘Ddostf’ malware botnet, which targets MySQL servers. The botnet enslaves breached servers by exploiting vulnerabilities in unpatched MySQL environments or brute-forcing weak administrator account credentials. To defend against the attack, the researchers recommend applying the latest updates and creating long, unique passwords.