Saturday, March 2, 2024

newslınker tv

Top 5 This Week

Related Posts

MS SQL Servers Targeted by Turkish Hackers for Ransomware Attacks

Highlights

  • RE#TURGENCE campaign targets MS SQL servers.

  • Turkish threat actors focus on US, EU, LATAM.

  • Ransomware attack ends with MIMIC payload delivery.

A sophisticated cyberattack campaign, dubbed RE#TURGENCE, has been detected, where malicious actors are breaching MS SQL servers to inject MIMIC ransomware. The masterminds behind this operation, believed to be Turkish hackers motivated by financial gain, are primarily focusing on entities within the United States, the European Union, and Latin American countries.

Attack Strategy and Access Exploitation

The attackers exploit a common server procedure to forcibly penetrate servers, subsequently executing shell commands. This aggressive strategy not only compromises server integrity but also enables the delivery of malicious payloads. The procedure exploited is typically disabled by default for security purposes, illustrating the necessity for stringent server protection measures.

Execution of Ransomware Attacks

Upon successful command execution, the assailants use a PowerShell script to transition to the next attack phase. Despite attempts at obfuscation, the script primarily focuses on downloading the Cobalt Strike payload. The threat actors then utilize legitimate administrative tools to expand their reach within the network, ultimately deploying the MIMIC ransomware on multiple machines, including domain controllers and other hosts within the domain.

The MIMIC ransomware was first identified in early 2023 and has since gained notoriety for its meticulous operation, which includes the removal of all binaries used during the encryption process. Upon completion, a ransom note is left on the victim’s device, marking the culmination of the attack.

NEWSLINKER
NEWSLINKER
NEWS LINKER is your premier source for the latest in business, finance, science, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Dive deep into the world of cutting-edge developments, breakthroughs, market trends, and game-changing innovations..

Popular Articles