As an analyst with over two decades of experience in cybersecurity, I can confidently say that the discovery of PG_MEM malware targeting PostgreSQL databases is a stark reminder of the ever-evolving threat landscape we face. The malicious use of weak passwords and cryptojacking techniques is becoming increasingly prevalent, with attacks like these increasing by 400% in just half a year.
A new type of malware called PG_MEM has been discovered that targets PostgreSQL, a popular database system that is widely used online.
As reported by the cybersecurity firm Aqua, they’ve found that attackers exploit vulnerable passwords to install software used for cryptocurrency mining, potentially endangering more than 800,000 databases in the process.
Recently, Aqua Nautilus discovered a covert malware named PG_MEM that specifically targets PostgreSQL databases! 🚨 This sneaky threat employs brute force tactics, covers its footprints, and even mines cryptocurrency without detection.
Curious about how it operates and, more crucially, how to counteract it? 🤔…
— Aqua Security (@AquaSecTeam) August 21, 2024
PG_MEM functions by attempting to decipher weak passwords in order to breach databases. Upon successful entry, it generates a new account with elevated permissions. Subsequently, this malicious software sets up mining software and links it to a mining network.
In simpler terms, this implies that a contaminated database is secretly utilized for digital currency mining, with the malware concealing its existence and securing the system against other hackers’ intrusions.
It’s increasingly frequent for malicious software (malware) to covertly utilize a computer’s resources to generate cryptocurrency, a practice known as cryptojacking. Recent findings indicate that such activities have surged by an astonishing 400% during the first six months of 2023 alone. This underscores the importance of enhancing security measures in order to safeguard against these types of cyber threats.
Some firms are addressing this matter by providing alternatives such as Aethir’s decentralized cloud system. By leveraging underused computational resources from data centers, they offer cost-effective and adaptable computing resources, thereby minimizing the chances of misuse or exploitation.
Read More
Sorry. No data so far.
2024-08-22 03:48