Back to the list

Hackers Infect Microsoft Servers with Crypto Mining Malware. Here's How They Did It


u.today 01 April 2020 12:32, UTC
Reading time: ~1 m

  • Monero and Vollar 
  • A new source of monetization 
Put your crypto to work:
10 ETH
  • 1.30

    Interest per week

  • 67.5

    Interest per year

  • 3.60

    Interest rate

Join Now!
Sponsored by Celsius.Network

According to Hacker News, more than 2,000 Microsoft SQL database servers have been compromised by cryptojackers with the 'Volgar' botnet that has been up and running since 2018. 

Monero and Vollar 

The hackers behind this operation were able to infect up to 3,000 servers over the last few weeks. They use brute-force password-guessing attacks to create backdoor users and execute malicious commands. 

Their possible victims span a myriad of industries -- from healthcare to telecommunication.       

With the help of infected servers, the attackers were able to mine Monero (XMR) and a little-known altcoin called Vollar (the botnet itself was named after this cryptocurrency).   

A new source of monetization 

The machines that run MS-SQL databases are an attractive target for hackers. On top of storing valuable personal information, they also boast powerful CPUs, which is particularly valuable for those bad actors who rely on cryptojacking for monetization.       

As reported to U.Today, the Stantinko botnet recently added new obfuscating techniques for illegal cryptocurrency mining.  

Back to the list