Botnet Exploits SQL Servers to Install Crypto Mining App

Recent reports revealed that a group of hackers behind the Kingminer botnet targeted vulnerable Microsoft SQL Server databases to mine cryptocurrencies at some point in the second week of June.

According to the cybersecurity firm Sophos, the attackers used the botnet, which has been active since 2018, to exploit the BlueKeep and EternalBlue vulnerabilities, and also gained access through a trojan known as Gh0st, which relies on remote access malware.

Once the SQL Server database is infected, the botnet installs XMRig, a well-known crypto mining application that mines Monero (XMR).

There are no details as of press time regarding how many systems were infected by the botnet, but researchers from Sophos believe that it could escalate to a significant size.
