Cybersecurity firm Guardicore said a malware botnet has been launching brute-force attacks against Microsoft SQL (MSSQL) databases to hijack administrative accounts and install cryptocurrency mining scripts on the underlying operating system for nearly two years.
A report by Guardicore estimated the Vollgar botnet infects approximately 3,000 new MSSQL databases daily.
Guardicore said more than 120 mainly Chinese Internet Protocol addresses are used to launch attacks that attempt to guess the passwords of MSSQL servers.
More than 60% of all hijacked MSSQL servers remain infected with the malware for no more than two days, but Guardicore's Ophir Harpaz said nearly 20% of all MSSQL systems remain infected for more than a week.
Said Harpaz, "Our experience shows that this type of campaign makes the most immediate attack vector for threat actors to make a profit."
From ZDNet
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found