1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft servers are being hijacked to boost proxies

    From TechnologyDaily@1337:1/100 to All on Fri Jul 29 18:15:04 2022
    Microsoft servers are being hijacked to boost proxies

    Date:
    Fri, 29 Jul 2022 17:02:08 +0000

    Description:
    Microsoft SQL servers are being infected with proxyware, turning them into rentable proxy servers.

    FULL STORY ======================================================================

    Hackers have been found installing malware on Microsoft SQL servers in order to monetize the endpoints bandwidth.

    Findings from Ahnlab discovered a special type of malware, called proxyware, which turns the host device into a proxy server that remote users can use for different things, from testing, to content distribution.

    To incentivize people to use proxyware, the malware owners pay them a portion of the proceedings, and according to the researchers, some can make as much
    as $6,000 a month for renting out excess bandwidth. Bundling it with malware

    Now, hackers have come up with an ingenious idea, to have proxyware installed on Microsoft SQL servers, and have the earnings funneled to their accounts. Besides for a few hiccups, and a general slowdown in internet speeds, the servers owners shouldnt experience much of a difference, the researchers
    said.

    Another reason why Microsoft SQL servers are an interesting target for cybercriminals is due to the fact that the endpoints IP addresses are not blacklisted.

    In its report , Ahnlab mentioned two separate proxyware variants,
    Peer2Profit, and IPRoyal. Cybercriminals seem to be distributing these by bundling them up with other adware and malware strains. Once the victim installs the proxyware, the attackers will see it as a newly available proxy, which third parties can use for whatever reason, including criminal activity. Read more

    This devious cyberattack might be selling off your internet bandwidth


    What is a residential proxy? Heres everything you need to know


    Keep your internet traffic to yourself with the best firewalls out there

    This campaign has been active since June 2022, the researchers say, adding that proxyware is on the rise, mostly due to its ability to remain undetected for relatively long, earning serious cash for the operators.

    Besides proxyware, MS-SQL users should also be wary of cryptominers, another type of malware that may, or may not, slow down the target device, but will not damage it or render it useless. Cryptominers mine cryptocurrencies for
    the malware operators, and given the nature of mining, might take up a significant portion of computing power and might rake in hefty electricity bills. Keep your devices secure with the best endpoint protection services
    out there

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-servers-are-being-hijacked-to-boost-p roxies/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)