Sunday , 10 November 2024
Home Kripto Cryptocurrency Mining Malware Targets PostgreSQL Databases with Weak Passwords
Kripto

Cryptocurrency Mining Malware Targets PostgreSQL Databases with Weak Passwords

Cryptocurrency Mining Malware Targets PostgreSQL Databases with Weak Passwords

A newly identified malware, dubbed PG_MEM, is compromising PostgreSQL databases by exploiting weak passwords to install cryptocurrency mining software. According to Aqua, a cloud-native cybersecurity firm, this malware could potentially affect any of the over 800,000 PostgreSQL-managed databases worldwide if they are not adequately secured.

The PG_MEM malware initiates its attack through a brute-force method to decipher weak passwords of PostgreSQL databases—an open-source object-relational database management system widely used for internet-connected databases. Once access is gained, the malware sets up a new user with elevated privileges and downloads necessary files to initiate crypto mining operations. It also cleverly covers its tracks and blocks other potential attackers from accessing the compromised database’s computing power.

The United States and Poland are notably affected, hosting nearly 300,000 and over 100,000 PostgreSQL databases, respectively. The widespread issue of weak passwords, often resulting from configuration errors or inadequate identity controls, exposes numerous organizations to this threat. This vulnerability underscores a critical oversight in cybersecurity practices within many large and potentially smaller organizations.

Mechanics of Cryptojacking

Once active, PG_MEM connects the compromised database to a mining pool, leveraging the collective computing power of multiple infected hosts to enhance the probability of mining new cryptocurrency blocks. This practice, known as cryptojacking, is becoming increasingly common and represents a significant threat not only to organizational operations but also to individual users whose personal computers may be targeted.

Cryptojacking incidents have seen a dramatic increase, with attacks rising by 400% in the first half of 2023 alone, as reported by Cointelegraph. This surge highlights the growing allure of cryptocurrencies for cybercriminals who exploit unsecured or poorly secured systems to generate income through illicit mining operations.

Alternative Uses of Unused Computing Capacity

While malware exploits unused computing capacity for nefarious purposes, legitimate uses of this capacity are also prevalent. Companies like Aethir provide decentralized cloud infrastructure services, utilizing underused resources from tier 3 and tier 4 data centers. This GPU-as-a-service model offers cost-effective, scalable computing solutions, contrasting sharply with the unauthorized use of resources by malware such as PG_MEM.

The emergence of PG_MEM as a significant threat to PostgreSQL databases globally calls for heightened cybersecurity measures, particularly focusing on stronger password protocols and identity verification processes. Organizations are advised to review and strengthen their database security to prevent unauthorized access and potential exploitation.

The PG_MEM malware represents a growing trend in cyber threats where attackers exploit weak security practices to install crypto mining software. As organizations increasingly connect their databases to the internet, the need for robust cybersecurity measures has never been more critical. Addressing these vulnerabilities can help mitigate the risk of cryptojacking and safeguard valuable computing resources.

Related Articles

Roblox Introduces Stricter Content Ratings and Social Limits for Kids Under 13
Kripto

Roblox Introduces Stricter Content Ratings and Social Limits for Kids Under 13

Roblox is taking steps to make its platform safer for young users,...

TikTok’s “Share to TikTok” Connects Directly with Spotify, Apple Music
Kripto

TikTok’s “Share to TikTok” Connects Directly with Spotify, Apple Music

TikTok is making it simpler to share your favorite tracks with its...

France’s Gaming Authority Reviews Crypto Betting Platform Polymarket for Potential Ban
Kripto

France’s Gaming Authority Reviews Crypto Betting Platform Polymarket for Potential Ban

France’s gambling regulator, the Autorité nationale des jeux (ANJ), is scrutinizing the...

Australia Plans World-First Ban on Social Media for Children Under 16
Kripto

Australia Plans World-First Ban on Social Media for Children Under 16

Australian Prime Minister Anthony Albanese has announced new legislation aiming to prohibit...