Microsoft SQL server hacked, bandwidth stolen

< div> introduction: Microsoft SQL server was hacked, bandwidth is stolen, the user is unable to detect.The information age, is particularly important to protect the safety of data.< / div>< div> hacker through the use of advertising packages, malicious software, even invaded Microsoft SQL Server, converts the computer Server through online proxy Server, so as to generate revenue.< / div>< div> in order to steal the bandwidth of the equipment, the hackers to install a software called "proxyware", the software will equipment available Internet bandwidth allocation for the proxy server, remote users can be used for a variety of tasks, such as < / div>< div>< div> test < / div>< / div>< div>, intelligence gathering, content distribution or market research.Botters also like to use the proxy service, because access so that they can not be online retailers blacklisted residential < / div>< div>< div> IP address < / div>< / div>< div>.< / div>< div> in return for sharing the bandwidth, the owner of the equipment can smoke from charge to the customer.Peer2Profit service show, for example, by the user in the company's software installed on thousands of devices, highest can earn $6000 a month.< / div>< br>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_4.png" Alt="" loading=" lazy ">< br>< div> according to south Korean researchers Ahnlab company, according to a new report released today comes a new malicious software, the software by installing the agent software to use the network bandwidth of the victims to make money.Hackers through setting email address for the user to gain bandwidth compensation, and the user may only detect or connection sometimes slow network speed.< / div>< div> on the device hidden proxy client < / div>< div> Ahnlab company observed that hackers by bundling advertising packages and other malicious software, such as Peer2Profit and IPRoyal service agent software installed.< / div>< div> malware check whether agent client runs on a host computer, if discontinued, it can use & amp;quot;P2p_start () & have spentFunction to start.< / div>< br>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_5.png" Alt="" loading=" lazy ">< br>< div> & amp;nbsp;< / div>< div> for IPRoyal The & have spentPawns, prefer to install malicious software client & have spentCLI Version rather than & have spentGUI Version, because its purpose is to let the process run hidden in the background.< / div>< br>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_2.png" Alt="" loading=" lazy ">< br>< div> & amp;nbsp;< / div>< div> in recent observations, hackers use DLL form of Pawns, in the form of encoded string to provide their email and password, and & have spent&quot;The Initialize () & have spent"And & amp;quot;StartMainRoutine () & have spent&quot;Function to start.< / div>< br>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_0.png" Alt="" loading=" lazy ">< br>< div> agent software installed on the equipment, the software will add it as available agents, the remote user can use it to make any operation on the Internet.This also means that other hackers can unwittingly use these victims agent for illegal activities.< / div>< div> Microsoft  infection;SQL server < / div>< div>, according to a report Ahnlab malware operators use this solution to generate revenues, also to the vulnerable & have spentMS - SQL Server installation & have spentPeer2Profit & have spentThe client.< / div>< div> this kind of situation since 2022 & have spentYears & have spent6 & have spentMonth has been happening, retrieved from the infected system most logs are showed the presence of a known as the "SDK. MDF" & have spentUPX Package database files.< / div>< br>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_1.png" Alt="" loading=" lazy ">< br>< div> in Microsoft The threat of SQL server is more common currency was hijacked and encryption monetary miners mining background, there are hackers through Cobalt Strike the beacon will server as ShuNiuDian into the network.&nbsp;< / div>< div> using the reasons behind the agent software client may not be found, so that we can get more profits.However, it is unclear what the hacker by how much money this way.< / div>< img SRC="/ / img.inotgo.com/imagesLocal/202207/30/202207301053163113_3.png" Alt="" loading=" lazy ">< br>< div> in today's information age, the data is a very valuable resource.Microsoft SQL Server is usually located in the company have abundant bandwidth or data center network, malicious proxy services after the illegal access to sell it for illegal orders and profits.But we can in the face of the hacker's attack by "< / div>< div>< div> IP proxy detection < / div>< / div>< div>" or "risk" portrait to identify the VPN, agent, or Tor connection, in order to protect our data security.