Get a Pentest and security assessment of your IT network.

News

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

Researchers have discovered a botnet dubbed PgMiner that targets Postgres databases running on Linux servers to install a cryptocurrency miner. Palo Alto Networks Unit42 researchers believe that PGMiner can potentially be disruptive due to the popularity of the Postgres database. With additional effort, the malware could target all major operating systems, they warn. The bot performs brute-force attacks against Postgres servers exposed online, it exploits a disputed Postgres remote code execution (RCE) flaw to compromises database servers. The operators use a command and control (C2) server hosted on the Tor network.”]

Source: https://securityaffairs.co/wordpress/112235/malware/pgminer-botnet-postgresql.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2