MrbMiner ! Havocing SQL databases

Thousands of Microsoft SQL Servers (MSSQL) have been found to be infected by a new malware gang, named this new malware gang which is hacking into the servers and installing a crypto-miner, MrbMiner.

The cybercriminal group is so named after one of the domains used by it to host their malware.

The hackers blasted in through the weak password of the SQL Servers and then released the crypto-miner on target systems,


“MrbMiner mining Trojan will carefully hide itself to avoid being discovered by the administrator,” the company said in a blog post earlier this month.

“The Trojan will monitor the task manager process. When the user starts the ‘task manager’ process to view the system, the mining process will immediately exit and delete related files,” .

Researchers discovered the Linux system and ARM system-based mining Trojan files on the FTP File Transfer Protocol) server of the MrbMiner mining Trojan, speculating that MrbMiner has cross-platform attack capabilities.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s