Chinese Hackers Target Servers With Three Types of Malware
Security researchers at GuardiCore say that Chinese hackers are targeting servers with three types of malware. According to the latest report, the group is operating worldwide and has been observed launching multiple attacks over the past several months. Each of the three malware families employed (Hex, Hanako, and Taylor) targets different SQL servers and has its own goals, scale and target services.

According to GuardiCore, a campaign targeting a single server started in March of this year and evolved into thousands of attacks per day during the summer, hitting numerous MS SQL Server and MySQL services. The compromised machines were used for various activities, including cryptocurrency mining, distributed denial of service (DDoS), and implanting Remote Access Trojans (RATs). The hackers are targeting database services on both Windows and Linux machines.

The three campaigns launched from this infrastructure differ mostly in their goals: Hex focuses on cryptocurrency miners and RATs, Hanako builds a DDoS botnet, and Taylor installs a keylogger and a backdoor. To date, the security firm has observed hundreds of Hex and Hanako attacks and tens of thousands of Taylor incidents each month.
Cyber Security Tips: Users are strongly advised to routinely review the list of machines that have access to their databases, keep this list to a minimum, and pay special attention to machines that are accessible directly from the internet. Keep using reputable security suites and keep systems up to date.
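
One way to carry out the review recommended above on a MySQL server, as an added example that is not from GuardiCore or the original article: it classifies account host patterns and flags those that admit clients outside RFC 1918 private ranges. The account rows are constructed sample data, and the function names and categories are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample rows, shaped like: SELECT user, host FROM mysql.user;
SAMPLE_ACCOUNTS = [
    ("root", "localhost"),
    ("app", "10.20.0.15"),
    ("report", "192.168.1.%"),
    ("backup", "%"),
    ("legacy", "203.0.113.%"),
    ("etl", "198.51.100.7"),
    ("web", "%.example.internal"),
]

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SEVERITY = ["any", "public", "hostname"]  # categories that need review, worst first


def classify_host(host):
    """Classify a MySQL account host pattern by how widely it allows connections."""
    if host in ("localhost", "127.0.0.1", "::1"):
        return "local"
    if host == "%":
        return "any"  # matches every client address
    if not re.fullmatch(r"[0-9%_.]+", host):
        return "hostname"  # name or name pattern: resolve and review by hand
    # Leading octets without wildcards fix the prefix; the rest is wildcarded.
    fixed = []
    for part in host.split("."):
        if not part.isdigit():
            break
        fixed.append(part)
    try:
        net = ipaddress.ip_network(
            ".".join(fixed + ["0"] * (4 - len(fixed))) + "/%d" % (8 * len(fixed)))
    except ValueError:
        return "hostname"  # not a valid IPv4 pattern after all
    # Private only if the whole matched range sits inside RFC 1918 space.
    return "private" if any(net.subnet_of(r) for r in RFC1918) else "public"


def audit(accounts):
    """Return (user, host, category) for accounts reachable from beyond private ranges."""
    flagged = [(u, h, classify_host(h)) for u, h in accounts]
    flagged = [f for f in flagged if f[2] in SEVERITY]
    return sorted(flagged, key=lambda f: SEVERITY.index(f[2]))


if __name__ == "__main__":
    for user, host, category in audit(SAMPLE_ACCOUNTS):
        print(f"{category:8} {user}@{host}")
```

A pattern such as `172.%` is reported as public because it covers addresses outside the 172.16.0.0/12 private block.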