As an analyst with over two decades of experience in cybersecurity, I can confidently say that the discovery of PG_MEM malware targeting PostgreSQL databases is a stark reminder of the ever-evolving threat landscape we face. The malicious use of weak passwords and cryptojacking techniques is becoming increasingly prevalent, with attacks like these increasing by 400% in just half a year.
A new type of malware called PG_MEM has been discovered that targets PostgreSQL, a popular database system that is widely used online.
As reported by the cybersecurity firm Aqua, they’ve found that attackers exploit vulnerable passwords to install software used for cryptocurrency mining, potentially endangering more than 800,000 databases in the process.
Recently, Aqua Nautilus discovered a covert malware named PG_MEM that specifically targets PostgreSQL databases! 🚨 This sneaky threat employs brute force tactics, covers its footprints, and even mines cryptocurrency without detection.
Curious about how it operates and, more crucially, how to counteract it? 🤔…
— Aqua Security (@AquaSecTeam) August 21, 2024
PG_MEM functions by attempting to decipher weak passwords in order to breach databases. Upon successful entry, it generates a new account with elevated permissions. Subsequently, this malicious software sets up mining software and links it to a mining network.
In simpler terms, this implies that a contaminated database is secretly utilized for digital currency mining, with the malware concealing its existence and securing the system against other hackers’ intrusions.
It’s increasingly frequent for malicious software (malware) to covertly utilize a computer’s resources to generate cryptocurrency, a practice known as cryptojacking. Recent findings indicate that such activities have surged by an astonishing 400% during the first six months of 2023 alone. This underscores the importance of enhancing security measures in order to safeguard against these types of cyber threats.
Some firms are addressing this matter by providing alternatives such as Aethir’s decentralized cloud system. By leveraging underused computational resources from data centers, they offer cost-effective and adaptable computing resources, thereby minimizing the chances of misuse or exploitation.
Read More
- CRK Boss Rush guide – Best cookies for each stage of the event
- Grimguard Tactics tier list – Ranking the main classes
- Maiden Academy tier list
- Mini Heroes Magic Throne tier list
- Castle Duels tier list – Best Legendary and Epic cards
- Fortress Saga tier list – Ranking every hero
- Kingdom Rush 5: Alliance tier list – Every hero and tower ranked
- Hero Tale best builds – One for melee, one for ranged characters
- DOGE PREDICTION. DOGE cryptocurrency
- Tainted Grail The Fall of Avalon: How To Get Wood
2024-08-22 03:48