Botnet Exploits SQL Servers to Install Crypto Mining App

Sophos revealed recent botnet attacks breach Microsoft SQL server databases to install a well-known Monero mining app.

Recent reports revealed that a group of hackers behind the Kingminer botnet targeted vulnerable Microsoft SQL server databases to mine cryptocurrencies at some point in the second week of June.

According to the cybersecurity firm Sophos, the attackers used the botnet, active since 2018, to exploit the BlueKeep and EternalBlue vulnerabilities, by also accessing through a trojan known as Gh0st, which relies on a remote access malware.

Once the SQL server database is infected, the botnet installs a well-known crypto miner software called XMRig, which mines Monero (XMR).

There are no details as of press time regarding how many systems were infected by the botnet, but researchers from Sophos believe that it could escalate to a significant size.

Publication date: 
06/10/2020 - 21:11

The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.