According to The Hacker News, researchers from security firm GuardiCore Labs have uncovered multiple attacks by Chinese criminal groups operating worldwide, targeting database servers to mine cryptocurrencies, exfiltrate sensitive data and build DDoS botnets. The researchers analyzed thousands of attacks launched in recent months and identified at least three variants (Hex, Hanako and Taylor), each targeting different MS SQL and MySQL servers on Windows and Linux.
The three variants have different goals: Hex installs cryptocurrency miners and remote access Trojans (RATs) on infected machines, Taylor installs keyloggers and backdoors, and Hanako uses infected devices to build DDoS botnets.
What is interesting is the infrastructure. To launch attacks against database servers and to host their malicious files, the attackers use a network of already compromised systems, which makes their attack infrastructure modular and keeps their malicious activity from being shut down.
Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore Labs have analyzed thousands of attacks launched in recent months and identified at least three…