Technology Tips

April 02, 2022

 Secure Your SQL Server To Avoid This Malware Infection

Written By Securafy Team

Do you rely on Microsoft SQL and MySQL databases?  If so, be advised that the cybersecurity firm AhnLab recently published a report about a newly emerging threat.

It seems that hackers are now targeting poorly secured Microsoft SQL and MySQLdatabases with a malware strain known as GhostCringe.

If you're not familiar with it, GhostCringe is also known as CirenegRAT. It is a variant of the GhostRAT malware made famous by the Chinese government in a series of attacks in 2020, but dating back to 2018.

Of interest, it seems that the threat actors behind the GhostCringe attack aren't alone.  A forensic analysis of compromised servers indicates that several other malware strains were present. That suggests that competing gangs of hackers were all competing to break into the same databases as part of their own campaigns.

As malware strains go, GhostCringe isn't the worst or most destructive we've seen, but it does make rather aggressive use of its keylogging function. So once any passwords you enter on the system have been compromised, they will be fed directly to the hackers who control the code and that could expose you to a whole world of pain.

This is a genuine threat that should be taken seriously.  The first step in terms of taking it seriously is to make sure your server software is up to date with the latest security patches applied.  In addition to that, please do not make the mistake of either not setting an administrator password or setting one that is weak and easily guessed.

Those are rookie mistakes that are easy to avoid, and you don't want to be the business owner who lost tens of thousands of dollars to a mistake like that.

Finally, be relentless in terms of monitoring all activity on your server including suspicious "reconnaissance" activity which could be a harbinger of things to come.

Picture of Securafy Team
About The Author
Our team at Securafy brings you the best tech tips, from how-to guides and troubleshooting advice to software reviews and productivity hacks. We're all about empowering businesses with the tools and knowledge they need to thrive in the digital world. Follow our posts to stay equipped with practical insights that make tech work for you.

Join the Conversation

Subscribe to our newsletter

Sign up for our FREE "Cyber Security Tip of the Week!" and always stay one step ahead of hackers and cyber-attacks.