Crisis or not, cryptocurrency mining remains a major activity for cybercriminals. The malicious campaign Vollgar relies on installing several pieces of malware, including a cryptominer.
Security researchers at Guardicore Labs named this campaign, which began in May 2018, Vollgar. The name is a contraction of Vollar, a cryptocurrency mined by the malware, and "vulgar" (editor's note: coarse).
The cybercriminals behind these attacks are indeed not subtle. To infect Microsoft SQL servers accessible from the Internet, they use brute-force attacks, which let them crack the servers' insufficiently strong passwords.
Vollgar has been particularly active in recent weeks, with between 2,000 and 3,000 infections per day. The targets are servers based mainly in China, India, Turkey, South Korea and the United States.
To monetize these infections on a large scale, the attackers install, among other things, a cryptominer, software that mines Monero and Vollar (which combines elements of Monero and Ethereum). And there is no question of sharing the machine's computing power with other cybercriminals.
"As a result, the Vollgar attacker is making numerous efforts both to wipe out the activity of other threat actors and to erase their tracks," observes Guardicore Labs.
And the reason is simple: "Being the only attacker on a machine is powerful – your malware gets the most resources, such as bandwidth and processor power, and access is only available through your back doors."
The security firm points out that exposing database servers to the Internet is strongly discouraged. In the event of an infection, it recommends quarantining the server immediately to prevent further compromise within the network.
Finally, administrators must enforce strong passwords to protect against brute-force attacks. Unusual processor usage should also alert them to the presence of a cryptominer.
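As an added example (not from Guardicore Labs or the original article), the following Python sketch flags the brute-force pattern described above by counting failed logins per client address in SQL Server error-log lines. The log lines are constructed samples in the "Login failed for user" error-log format, and the threshold and time window are assumed values to tune per environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

def _line(ts, user, ip):
    # Builds one constructed failed-login line in SQL Server ERRORLOG style.
    return (f"{ts} Logon       Login failed for user '{user}'. Reason: Password "
            f"did not match that for the login provided. [CLIENT: {ip}]")

# Constructed sample log (documentation IP ranges, invented timestamps).
SAMPLE_LOG = "\n".join(
    [_line(f"2020-04-01 10:15:0{s}", u, "203.0.113.5") for s, u in
     [("1.10", "sa"), ("2.30", "sa"), ("3.05", "admin"),
      ("4.40", "sa"), ("5.90", "sa"), ("7.20", "sa")]]
    + [_line("2020-04-01 09:00:00.00", "appuser", "198.51.100.7"),
       _line("2020-04-01 11:30:00.00", "appuser", "198.51.100.7"),
       "2020-04-01 10:00:00.00 Server      Constructed non-login line."]
)

LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '([^']*)'\..*\[CLIENT: ([^\]]+)\]"
)

def find_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {client: {"peak": n, "logins": [...]}} for clients whose failed
    logins reach `threshold` within any sliding `window`."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            events[m.group(3)].append((ts, m.group(2)))
    flagged = {}
    for client, hits in events.items():
        hits.sort()
        start = best = 0
        for end in range(len(hits)):
            # Shrink the window until it spans at most `window` of time.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[client] = {"peak": best,
                               "logins": sorted({u for _, u in hits})}
    return flagged

if __name__ == "__main__":
    print(find_bruteforce(SAMPLE_LOG))
```

The client with two failures hours apart is not flagged, which keeps occasional typos by legitimate users out of the alert.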
It is common for cybercriminals to install this type of software to diversify their income. Monero, because of its confidentiality, is a cryptocurrency prized by hackers. According to a study published in 2019, nearly 4% of Monero's total supply was allegedly mined by hackers using illegitimate crypto-mining software.