Tweet
Hackers have been found installing malware on Microsoft SQL servers in order to monetize the endpoints’ bandwidth.
Findings from Ahnlab discovered a special type of malware, called proxyware, which turns the host device into a proxy server that remote users can use for different things, from testing, to content distribution.
To incentivize people to use proxyware, the malware owners pay them a portion of the proceedings, and according to the researchers, some can make as much as $6,000 a month for renting out excess bandwidth.
[HEADING=1]Bundling it with malware[/HEADING]
Now, hackers have come up with an ingenious idea, to have proxyware installed on Microsoft SQL servers, and have the earnings funneled to their accounts. Besides for a few hiccups, and a general slowdown in internet speeds, the servers’ owners shouldn’t experience much of a difference, the researchers said.
Another reason why Microsoft SQL servers are an interesting target for cybercriminals is due to the fact that the endpoints’ IP addresses are not blacklisted.
In its report, Ahnlab mentioned two separate proxyware variants, Peer2Profit, and IPRoyal. Cybercriminals seem to be distributing these by bundling them up with other adware and malware strains. Once the victim installs the proxyware, the attackers will see it as a newly available proxy, which third parties can use for whatever reason, including criminal activity.
Read more
This campaign has been active since June 2022, the researchers say, adding that proxyware is on the rise, mostly due to its ability to remain undetected for relatively long, earning serious cash for the operators.
Besides proxyware, MS-SQL users should also be wary of cryptominers, another type of malware that may, or may not, slow down the target device, but will not damage it or render it useless. Cryptominers mine cryptocurrencies for the malware operators, and given the nature of mining, might take up a significant portion of computing power and might rake in hefty electricity bills.
[ul]
[li]Keep your devices secure with the best endpoint protection services out there[/li][/ul]
Via: BleepingComputer
Continue reading…
Findings from Ahnlab discovered a special type of malware, called proxyware, which turns the host device into a proxy server that remote users can use for different things, from testing, to content distribution.
To incentivize people to use proxyware, the malware owners pay them a portion of the proceedings, and according to the researchers, some can make as much as $6,000 a month for renting out excess bandwidth.
[HEADING=1]Bundling it with malware[/HEADING]
Now, hackers have come up with an ingenious idea, to have proxyware installed on Microsoft SQL servers, and have the earnings funneled to their accounts. Besides for a few hiccups, and a general slowdown in internet speeds, the servers’ owners shouldn’t experience much of a difference, the researchers said.
Another reason why Microsoft SQL servers are an interesting target for cybercriminals is due to the fact that the endpoints’ IP addresses are not blacklisted.
In its report, Ahnlab mentioned two separate proxyware variants, Peer2Profit, and IPRoyal. Cybercriminals seem to be distributing these by bundling them up with other adware and malware strains. Once the victim installs the proxyware, the attackers will see it as a newly available proxy, which third parties can use for whatever reason, including criminal activity.
Read more
This devious cyberattack might be selling off your internet bandwidth
What is a residential proxy? Here’s everything you need to know
Keep your internet traffic to yourself with the best firewalls out there
What is a residential proxy? Here’s everything you need to know
Keep your internet traffic to yourself with the best firewalls out there
Besides proxyware, MS-SQL users should also be wary of cryptominers, another type of malware that may, or may not, slow down the target device, but will not damage it or render it useless. Cryptominers mine cryptocurrencies for the malware operators, and given the nature of mining, might take up a significant portion of computing power and might rake in hefty electricity bills.
[ul]
[li]Keep your devices secure with the best endpoint protection services out there[/li][/ul]
Via: BleepingComputer
Continue reading…