New malware, named PG_MEM, has been discovered targeting databases to install cryptocurrency mining software. This malware poses a threat to over 800,000 PostgreSQL-managed databases, particularly those with weak passwords.
According to the cloud-native cybersecurity firm Aqua, PG_MEM infiltrates a PostgreSQL database after a successful brute-force attack uncovers a weak password. PostgreSQL, a widely used object-relational database management system, is frequently connected to the internet, with a significant number of these databases – nearly 300,000 in the United States and over 100,000 in Poland – potentially at risk.
Once the attacker gains access, they create a new user with login privileges and high-level access. They then download two files from their server and secure their control by blocking access to other potential attackers. This kind of vulnerability is common: “This campaign targets internet-facing Postgres databases with weak passwords. Many organizations mistakenly expose their databases to the internet, leading to weak passwords due to misconfiguration and poor identity controls. Unfortunately, this isn’t an uncommon issue, and even large organizations can be affected.”
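The sequence described above (repeated failed password attempts, then a new login-capable role with high privileges) leaves traces in the PostgreSQL server log. The following detection sketch is an added example, not code from Aqua or from the original article; it assumes `log_line_prefix = '%m [%p] %h '` and `log_statement = 'ddl'`, and the log lines, hosts, role names and the `find_suspicious_roles` function are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample log. Assumes log_line_prefix = '%m [%p] %h ' and
# log_statement = 'ddl'; hosts and role names are invented for the example.
SAMPLE_LOG = """\
2024-08-20 10:00:01.101 UTC [4101] 203.0.113.7 FATAL:  password authentication failed for user "postgres"
2024-08-20 10:00:01.734 UTC [4102] 203.0.113.7 FATAL:  password authentication failed for user "postgres"
2024-08-20 10:00:02.290 UTC [4103] 203.0.113.7 FATAL:  password authentication failed for user "postgres"
2024-08-20 10:00:02.911 UTC [4104] 203.0.113.7 FATAL:  password authentication failed for user "postgres"
2024-08-20 10:00:03.500 UTC [4105] 203.0.113.7 LOG:  statement: CREATE ROLE tmp_admin WITH LOGIN SUPERUSER PASSWORD 'x';
2024-08-20 11:15:40.002 UTC [5200] 10.0.0.5 LOG:  statement: CREATE ROLE reporting NOLOGIN;
2024-08-20 11:16:12.448 UTC [5200] 10.0.0.5 LOG:  statement: CREATE USER dba_ops SUPERUSER;
"""

LINE = re.compile(r"^(\S+ \S+ \S+) \[\d+\] (\S+) [A-Z]+:\s+(.*)$")
FAILED = re.compile(r"password authentication failed for user")
CREATE = re.compile(r'statement:\s*CREATE\s+(ROLE|USER)\s+"?(\w+)"?([^;]*)', re.I)
HIGH_PRIV = {"SUPERUSER", "CREATEROLE"}

def find_suspicious_roles(log_text, fail_threshold=3):
    """Return new login-capable, high-privilege roles, ranked by prior auth failures."""
    failures = Counter()
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, host, msg = m.groups()
        if FAILED.search(msg):
            failures[host] += 1
            continue
        ddl = CREATE.search(msg)
        if not ddl:
            continue
        kind, role, opts = ddl.groups()
        # Drop quoted literals so a password value cannot look like an option.
        words = set(re.findall(r"\w+", re.sub(r"'[^']*'", "", opts).upper()))
        # CREATE USER implies LOGIN; CREATE ROLE needs it spelled out.
        can_login = "LOGIN" in words or (kind.upper() == "USER" and "NOLOGIN" not in words)
        privs = sorted(words & HIGH_PRIV)
        if can_login and privs:
            severity = "high" if failures[host] >= fail_threshold else "review"
            findings.append({"time": ts, "host": host, "role": role,
                             "privileges": privs, "failed_logins": failures[host],
                             "severity": severity})
    return findings

if __name__ == "__main__":
    for f in find_suspicious_roles(SAMPLE_LOG):
        print(f)
```

A role created from a host with no preceding failures is still reported, at "review" severity, so it can be checked against change records.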
After the malware is operational, it connects to a mining pool, utilizing the compromised host’s computing power – along with other compromised systems – to increase the chances of successfully mining a cryptocurrency block.
Cryptojacking, the practice of using malware to mine cryptocurrency, is on the rise. Cryptojacking malware can also infect personal computers and has become increasingly prevalent. Cointelegraph reported a 400% increase in crypto malware attacks during the first half of 2023 compared to the previous year.
Unused computational capacity can be repurposed for legitimate uses, such as cryptocurrency mining or other tasks. For instance, Aethir, a decentralized cloud infrastructure provider, operates a GPU-as-a-service decentralized physical infrastructure network (DePIN). This network taps into the compute resources from tier 3 and tier 4 data centers, offering affordable and scalable computing services to clients.
Credit: Cointelegraph.
I’m Jessi Lee, currently living in Singapore. I am currently working as a trader for AZCoin company, with 5 years of experience in the cryptocurrency market. I hope to bring you useful information and knowledge about virtual currency investment.