Attack campaign hits thousands of MS-SQL servers for two years

In December, security researchers noticed an uptick in brute-force attacks against publicly exposed Microsoft SQL servers. It turns out the attacks go as far back as May 2018 and infect on average a couple thousand database servers every day with remote access Trojans (RATs) and cryptominers.

Researchers from Guardicore Labs have dubbed the ongoing campaign Vollgar and traced it back to China. The scans and attacks originate from Chinese IP addresses — likely associated with infected and hijacked machines — and the command-and-control (C&C) servers are also hosted in China and uses Chinese language for their web-based management interfaces.

To read this article in full, please click here

Read more: Attack campaign hits thousands of MS-SQL servers for two years

Story added 1. April 2020, content source with full text you can find at link above.