News Hackers Sell 85K Hacked SQL Databases

Hackers Sell 85K Hacked SQL Databases

-

More than 85,000 SQL databases are sold on the hacker portal on the darknet for $ 550 per database. Cybercriminals use the portal as part of an increasingly popular ransomware scheme with databases, writes ZDNet.

The scheme, which began to be used in early 2020, is as follows: attackers break into the SQL database, load tables and delete the original, leaving a ransom note. The note outlines how the owner of the database can contact the ransomware and agree on the return of their data.

Initially, the attackers provided their email address, but when the scale of the operation increased significantly over time, they began to specify the addresses of the sqldb.to and dbrestore.to portal, which was then transferred to the darknet. By going to this address, the victim must enter the unique identifier specified in the ransom note, after which the page with the database for sale opens. If the victim does not pay the ransom within nine days, the data will be put up for auction in another section of the portal.

The ransom must be paid in bitcoin. Over the course of the year, the amount varied as the bitcoin rate changed, but on average it was about $ 500 per site, regardless of its content.

The processes of hacking and selling databases are automated, and cybercriminals do not analyze the contents of compromised databases.

Attacks are easily detected because attackers usually place a ransom note in SQL tables with the heading “WARNING”. While most of the compromised databases are MySQL servers, it is possible that other SQL databases such as PostgreSQL and MSSQL may have been affected as well.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you