Malware dubbed MrbMiner has targeted thousands of Microsoft SQL servers in North America, Europe and other regions over several months. Malware’s operators used brute-force methods to guess weak passwords associated with Microsoft. The malware appears to be a modified version of the XMRig malware, which has become increasingly popular among hackers as a way to mine for virtual currency, especially monero. Researchers determined that the location of the final payload and the IP address of the downloader component had been hard-coded into the malware. This, in turn, pointed to a small Iranian-based software company.”]
Source: https://www.databreachtoday.com/cryptomining-campaign-linked-to-iranian-software-firm-a-15821