Thousands of Microsoft SQL Servers have been found to be infected by a new malware gang, the cybersecurity arm of Chinese tech giant Tencent has warned.
Tencent Security has named this new malware gang which is hacking into the servers and installing a crypto-miner, MrbMiner, ZDNet reported on Wednesday.
The cybercriminal group is so named after one of the domains used by it to host their malware.
The hackers blasted in through the weak password of the SQL Servers and then released the crypto-miner on target systems, according to Tencent Security.
“MrbMiner mining Trojan will hide itself to avoid being discovered by the administrator,” the company said in a blog post earlier this month.
The Trojan will monitor the task manager process. When the user starts the task manager process to view the system, the mining process will immediately exit and delete related files, it added.
Microsoft was yet to comment on the Tencent report.
Tencent security experts also discovered the Linux system and ARM system-based mining Trojan files on the FTP File Transfer Protocol) server of the MrbMiner mining Trojan, speculating that MrbMiner has cross-platform attack capabilities.
According to the current threat intelligence data, MrbMiner mining Trojan has controlled thousands of servers for network mining, Tencent Security added.
