Get a Pentest and security assessment of your IT network.

Cyber Security

Kingminer patches vulnerable servers to lock out competitors

Operators of the cryptojacking botnet Kingminer botnet are applying hot fixes from Microsoft on vulnerable infected computers to lock out other threat actors. The attacks start with brute force on publicly exposed SQL servers until they guess the correct password for the ‘SA’, or system administrator, account. In the end, the attackers get full access to the server via. PowerShell commands that give them a remote web shell and install the miners. The EternalBlue exploit is almost identical with the one used by Powerghost/Wannaminer, another cryptocurrency botnet.

Source: https://www.bleepingcomputer.com/news/security/kingminer-patches-vulnerable-servers-to-lock-out-competitors/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation