
Malware exploits weak passwords in PostgreSQL for cryptojacking

Cointelegraph, 2024/08/21 21:31
By: Derek Andersen

New malware has been uncovered that targets databases to install cryptocurrency mining software. Dubbed PG_MEM, the malware could potentially hit any of the more than 800,000 PostgreSQL-managed databases if they have weak passwords.

According to cloud-native cybersecurity company Aqua, PG_MEM is installed after a brute force attack finds a weak password on a PostgreSQL-managed database. PostgreSQL is a popular object-relational database management system, and many of the databases it manages are connected to the internet. There are well over 800,000 such databases, with almost 300,000 located in the United States and over 100,000 in Poland.

Malware sends spare compute to a mining pool

Once the threat actor has gained entry to a database, it creates a new user with login capability and high privileges. It downloads two files from the threat actor’s server and even manages to cover its tracks and block entry to other threat actors eager to exploit the database’s computing capacity. This could be happening often:

“This campaign is exploiting internet facing Postgres databases with weak password. Many organizations connect their databases to the internet, weak password is a result of a misconfiguration, and lack of proper identity controls. This is not a rare issue and many large organizations suffer from these problems.”

The malware, once operational, connects to a mining pool and uses the host’s computing resources, combined with those of other miners, to increase the chances of mining a new block.
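The sequence described above (many failed password attempts, a successful login, then creation of a login-capable role with high privileges) can be looked for in PostgreSQL server logs. The following is an added example, not code from Aqua or from the article; the log format (log_line_prefix = '%m [%p] %h ', log_connections = on, log_statement = 'ddl'), the threshold, and all hosts and role names are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample log. Assumes log_line_prefix = '%m [%p] %h ',
# log_connections = on and log_statement = 'ddl'. Hosts and role names are placeholders.
_FAILS = [f'2024-08-21 10:00:0{i}.000 UTC [{4100 + i}] 203.0.113.7 FATAL:  '
          'password authentication failed for user "postgres"' for i in range(6)]
SAMPLE_LOG = "\n".join(_FAILS + [
    '2024-08-21 10:00:06.000 UTC [4106] 203.0.113.7 LOG:  connection authorized: user=postgres database=postgres',
    '2024-08-21 10:00:07.000 UTC [4106] 203.0.113.7 LOG:  statement: CREATE ROLE example_role WITH LOGIN SUPERUSER',
    '2024-08-21 11:00:00.000 UTC [4199] 198.51.100.20 FATAL:  password authentication failed for user "app"',
    '2024-08-21 11:00:05.000 UTC [4200] 198.51.100.20 LOG:  connection authorized: user=app database=app',
    '2024-08-21 11:00:09.000 UTC [4200] 198.51.100.20 LOG:  statement: CREATE ROLE report_reader WITH LOGIN NOSUPERUSER',
])

LINE = re.compile(r"^\S+ \S+ \S+ \[(?P<pid>\d+)\] (?P<host>\S+) [A-Z]+:\s+(?P<msg>.*)$")
ROLE_DDL = re.compile(r"^statement:\s*(?P<verb>CREATE|ALTER)\s+(?P<kind>ROLE|USER)\s+(?P<name>\S+)(?P<opts>.*)", re.I)
ELEVATED = re.compile(r"\b(SUPERUSER|CREATEROLE|BYPASSRLS)\b", re.I)

def find_takeovers(log_text, threshold=5):
    """Flag elevated role DDL issued in a session that followed >= threshold failed logins."""
    failures = Counter()   # host -> failed password attempts since its last success
    flagged = {}           # backend pid -> (host, failures that preceded the login)
    alerts = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pid, host, msg = m["pid"], m["host"], m["msg"]
        if msg.startswith("password authentication failed"):
            failures[host] += 1
        elif msg.startswith("connection authorized"):
            if failures[host] >= threshold:
                flagged[pid] = (host, failures[host])
            failures[host] = 0
        elif pid in flagged:
            ddl = ROLE_DDL.match(msg)
            if ddl and ELEVATED.search(ddl["opts"]):
                # CREATE USER implies LOGIN; otherwise LOGIN must be stated (NOLOGIN does not match).
                login = (ddl["verb"].upper(), ddl["kind"].upper()) == ("CREATE", "USER") \
                    or bool(re.search(r"\bLOGIN\b", ddl["opts"], re.I))
                alerts.append({"host": flagged[pid][0], "failed_logins": flagged[pid][1],
                               "role": ddl["name"], "login": login})
    return alerts

if __name__ == "__main__":
    for alert in find_takeovers(SAMPLE_LOG):
        print(alert)
```

Backend PIDs are reused over time, so on a long-running server key the session on the session ID (%c in log_line_prefix) rather than the PID alone.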

PG_MEM attack flow. Source: Aqua Security


A growing problem — or solution

The use of malware to mine cryptocurrency is known as cryptojacking. Cryptojacking malware can be installed on personal computers as well. It is becoming more frequent. Cointelegraph noted that crypto malware attacks rose by 400% year-on-year in the first half of 2023.


Unused capacity can be harnessed by rightful hardware users for mining or other uses. Decentralized cloud infrastructure provider Aethir, for example, operates a GPU-as-a-service decentralized physical infrastructure network (DePIN) that sources compute from tier 3 and tier 4 data centers to provide inexpensive, scalable computing service to its clients.

