Coincheck: Russian hackers behind the theft of 530 million dollars?
infosec

Coincheck: Russian hackers behind the theft of 530 million dollars?

In January of 2018, the Japanese exchange platform, Coincheck, received an attack, resulting in the loss of the New Economy Movement (NEM) ...
Read More
infosec

Echobot malware is a new version of Mirai!

If there is one thing that seems to have no end to security issues are the authors of malware who ...
Read More
infosec

Mermaids: Personal messages spilled between the organization and parents of transgender children

Mermaids UK is an organization founded by parents of transgender children and aims to support these children ....
Read More
infosec

"Election" hacking has never been simpler than it is today!

Being a professional hacker has never been easier and more profitable than it is today. According to...
Read More
infosec

A new Android Trojan misleads users through notifications

A new Android Trojan discovered by security researchers on the Google Play Store uses false notifications to redirect their ...
Read More
Latest Posts

Chinese team of hackers APT-27 launched 15.000 attacks on MySQL Servers

MySQLThe Chinese team of hackers APT-27 targets large enterprise networks, taking advantage of MySQL servers.

Most business networks use it cloud platforms for storing their data. Hackers, on the other hand, also use cloud services to run their bots on cloud servers.

Businesses targeted by hackers, had taken care to fix security issues in their operating system, but the server running MySQL was vulnerable.

Surveys show that there are approximately 4.9 million MySQL servers running on public IP. If a malicious hacker accesses a network using MySQL, it automatically gains full access to the infected machine.

So far, 15.000 attacks have been detected. A large percentage (34%) of attacks is centered on Germany, but attacks have also been in many other countries. These include the United States, France, China, Poland and the United States Russia.

The researchers discovered that different methods are used to misuse MYSQL servers and, by extension, to violate networks. Through these methods, hackers can install backdoor, ransomware and more on the victim's machine.

Hackers exploit weaknesses such as default credentials and brute-force and SQL injection attacks.

They also use WebShell and exploit vulnerabilities, allowing them to bypass authentication procedures and take control of the server. They can then process, delete, or even steal the data.

Attackers have the ability to distribute many malicious software (viruses, ransomware, miner) by taking advantage of the MySQL server.

Researchers also discovered that APT-27 had used malware NewCore RAT, to attack government entities and data centers.

After installing malicious files, hackers insert a note asking for a ransom. However, the victims of the attack should not pay the ransom, because in this kind of attack, hackers do not restore the affected systems, even after the ransom payment.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *