Unsecured Microsoft SQL, MySQL servers hit by Gh0stCringe malware (bleepingcomputer.com)
Hackers target poorly protected SQL and MySQL databases to deploy Gh0stCringe remote access trojans on the devices. Gh0stCringe is a variant of the Gh0st RAT malware deployed by cyber-espionage operators in 2020. These hackers are now targeting exposed processes to remotely install the malicious executable on the database server. Once it is on the server, the malware can now run malicious commands or exfiltrate data on top of providing other services to an adversary, including keylogging and self-sustaining through other processes.
Kenneth Saltisky
Leave a Reply