ASEC, a cybersecurity firm, has discovered a new type of malware designed to exploit poorly managed Microsoft SQL servers.
The malware uses a technique called a CLR stored procedure to install malware on these servers using the xp_cmdshell command.
This new piece of code lets attackers execute commands in a Windows command shell, receiving an instruction as input for execution.
Examples of the malware include backdoors, coin miners, and proxyware.
It can also execute malicious commands received from threat actors, in a way similar to a web shell.
According to ASEC, this is the latest addition to the list of ransomware and cryptocurrency miners that can be found on SQL servers infected with this new kind of nasty code.
CVE-2015-0167 describes the capabilities of this new class of malware in more detail.
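A defender's check for the two features this post names, CLR stored procedures and xp_cmdshell, follows as an added example; it is not taken from ASEC or from this post. It uses only standard SQL Server catalog views, changes nothing, and assumes a login allowed to read those views.

```sql
-- Added example: read-only audit of one SQL Server instance.
-- Assumption: run by a login that can read the catalog views used below.

-- 1) Instance switches. value_in_use = 1 means the feature is active right now.
--    'clr strict security' only exists on SQL Server 2017 and later.
SELECT name,
       CAST(value AS int)        AS configured_value,
       CAST(value_in_use AS int) AS value_in_use
FROM sys.configurations
WHERE name IN (N'xp_cmdshell', N'clr enabled', N'clr strict security')
ORDER BY name;

-- 2) User-defined CLR assemblies in the current database, with the procedures,
--    functions or triggers bound to them. Repeat in each user database.
--    Any assembly nobody on the team can account for, especially one with
--    UNSAFE_ACCESS or EXTERNAL_ACCESS, needs investigating.
SELECT a.name                   AS assembly_name,
       a.permission_set_desc,
       a.create_date,
       a.modify_date,
       SCHEMA_NAME(o.schema_id) AS object_schema,
       o.name                   AS object_name,
       o.type_desc,
       m.assembly_class,
       m.assembly_method
FROM sys.assemblies AS a
LEFT JOIN sys.assembly_modules AS m ON m.assembly_id = a.assembly_id
LEFT JOIN sys.objects AS o ON o.object_id = m.object_id
WHERE a.is_user_defined = 1
ORDER BY a.create_date DESC;

-- 3) Databases marked TRUSTWORTHY, one of the ways an unsigned assembly can be
--    granted EXTERNAL_ACCESS or UNSAFE. msdb is excluded because it has the
--    setting on by default.
SELECT name, is_trustworthy_on, create_date
FROM sys.databases
WHERE is_trustworthy_on = 1
  AND name <> N'msdb';
```

On a server that has no business need for either feature, query 1 should report 0 for xp_cmdshell and clr enabled, and query 2 should return no rows.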