By Ionut Arghire on February 24, 2017
Thousands of MySQL databases are potential victims to a ransom attack that appears to be an evolution of the MongoDB ransack campaign observed a couple months ago, GuardiCore warns.
As part of the attack, unknown actors are brute forcing poorly secured MySQL servers, enumerate existing databases and their tables, stealing them, and creating a new table to instruct owners to pay a 0.2 Bitcoin (around $200) ransom. Paying, the attackers claim, would provide owners with access to their data, but that’s not entirely true, as some databases are deleted without being stolen.
Powered by WPeMatico