MrbMiner ! Havocing SQL databases

Thousands of Microsoft SQL Servers (MSSQL) have been found to be infected by a new malware gang, named this new malware gang which is hacking into the servers and installing a crypto-miner, MrbMiner.

The cybercriminal group is so named after one of the domains used by it to host their malware.

The hackers blasted in through the weak password of the SQL Servers and then released the crypto-miner on target systems,


“MrbMiner mining Trojan will carefully hide itself to avoid being discovered by the administrator,” the company said in a blog post earlier this month.

“The Trojan will monitor the task manager process. When the user starts the ‘task manager’ process to view the system, the mining process will immediately exit and delete related files,” .

Researchers discovered the Linux system and ARM system-based mining Trojan files on the FTP File Transfer Protocol) server of the MrbMiner mining Trojan, speculating that MrbMiner has cross-platform attack capabilities.