Cyber Security News

MrbMiner Malware (cryptocurrency miners) Infected Thousands of MSSQL Databases

Hello everyone here we are talking about MrbMiner malware, actually the experts of Chinese company Tencent Security spoke about this nasty MrbMiner Malware installed cryptocurrency miners on (MSSQL) Microsoft SQL Server. According to the specialist of tensent company, huge number of MSSQL database has been already infected by MrbMiner Malware.

Now a days a new top security headlines are on fire about this malicious cryptocurrency miners. Actually cryptocurrency miners is a nasty program comes under MrbMiner Malware programmed by cyber hackers and the worst part of this flighty program is over a period of a very short time, has managed to hack into and download the malicious crypto-miner on the Microsoft SQL Servers.

Experts says about this nasty malware has managed to effect the large number of machines simply by the scanning the entire web for Microsoft SQL Server (MSSQL) and then after operating brute-force attack on them by attempting several filthy password and use normal users name on the admin account.

Once this filthy MrbMiner Malware infect the machine then the hackers firstly download the assm.exe file and then they use this malicious exe file to gain a foothold in the machine and generate a new fake account that can easily acts as a backdoor for silently access. In this fake account the criminals use the default username and password “@fg125kjnhn987”. at last this nasty infection connect to C&C server and then download an application that can easily extract XMR(Monero) Cryptocurrency by using the infected machine power.


MrbMiner malware has managed to get into MSSQL Server.

Additionally, the security experts of Tencent Security has noticed that the attacks has don only on MSSQL servers. Moreover they also mentioned that the nasty MrbMiner malware control server contains their malicious and nasty malware for ARM and Linux operating system.

Malware variants for Linux and ARM were also found

According to the security experts MrbMiner malware for Linux operating system, the wallet’s address to which the malicious malware transferred Monero. the address of Monero wallet has approximately $300 (3.38XMR) which clearly means the Linux malware is already in use. in spite of the fact that all the details of these cyber attacks are still unenlightened. In turn to, the wallet used by the Microsoft SQL Server (MSSQL) version of nasty MbrMiner malware restrain $630 (7 XMR). despite the fact that these amounts are very small, cyber criminals generally use various wallets for their filthy work, so the entire malicious MbrMiner malware group is only with motive to earn huge amount of illegal’s profit.

About the author


Leave a Comment