New Cybercriminal FARGO Ransomware Activity Targets Microsoft SQL Servers Says ASEC

Yusuf Balogun
Yusuf is a fresh law graduate and freelance journalist with a special interest in tech reporting. He joined the tech sphere in 2019 and has written several articles. He believes in tech innovations as an aspiring health law expert; in the future, Yusuf hopes to use the same for solving global health challenges.

A report from the security analysis team of AhnLab Security Emergency Response Center (ASEC) today revealed new cybercriminal activity distributing FARGO ransomware that targets vulnerable Microsoft SQL servers. Compromise of these servers can mean big problems for businesses.

According to ASEC, the infection begins when the MS-SQL process downloads a .NET file through cmd.exe and powershell.exe. This file then downloads and loads additional malware, which generates and executes a BAT file that ends specific processes and services.

According to ASEC, the malware infects AppLaunch.exe, a normal Windows program, to start acting maliciously. It also runs the recovery deactivation command, attempts to delete a registry key on a certain path, and ends some processes.

ASEC researchers further noted that the ransomware encrypts files but excludes some of them, such as certain directories and extensions, to keep some portions of the system accessible. A distinctive feature is that it excludes files with a file extension connected to Globeimposter. According to ASEC, this exclusion list contains not only the same sort of extensions used by FARGO, FARGO 2, and FARGO 3 but also FARGO 4, which is believed to be a future version of the ransomware.

The ransomware then generates a ransom note with the file name “RECOVERY FILES.txt,” and renames the encrypted files using the FARGO 3 extension. The note warns victims that their system’s files will be permanently erased if they attempt to repair the issue on their own using third-party software. The cybercriminals also threaten to release the information into the public domain if the victims decline to pay the ransom.
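The two observable behaviours described above (the MS-SQL process launching cmd.exe or powershell.exe, and a ransom note named “RECOVERY FILES.txt”) lend themselves to a simple detection over endpoint telemetry. The following is an added example, not code from ASEC or from the original article; the event field names, the sample events and the database engine process name sqlservr.exe are assumptions.

```python
from ntpath import basename  # parses Windows paths on any platform

SQL_IMAGE = "sqlservr.exe"            # assumption: SQL Server engine process name
SHELLS = {"cmd.exe", "powershell.exe"}
RANSOM_NOTE = "recovery files.txt"    # note file name given in the article

def _has_sql_ancestor(procs, host, pid):
    """Walk the parent chain on one host looking for the SQL Server process."""
    seen = set()
    while (host, pid) in procs and pid not in seen:   # 'seen' guards PID loops
        seen.add(pid)
        ppid, name = procs[(host, pid)]
        if name == SQL_IMAGE:
            return True
        pid = ppid
    return False

def detect(events):
    """Return sorted (host, rule, detail) alerts from process/file events."""
    procs, alerts = {}, set()         # procs: (host, pid) -> (ppid, image name)
    for ev in events:
        host = ev["host"]
        if ev["type"] == "process_create":
            name = basename(ev["image"]).lower()
            procs[(host, ev["pid"])] = (ev["ppid"], name)
            # Flags direct children and deeper descendants (sqlservr -> cmd -> powershell)
            if name in SHELLS and _has_sql_ancestor(procs, host, ev["ppid"]):
                alerts.add((host, "shell_from_mssql", name))
        elif ev["type"] == "file_create":
            if basename(ev["path"]).lower() == RANSOM_NOTE:
                alerts.add((host, "ransom_note", ev["path"]))
    return sorted(alerts)

# Constructed sample events (hypothetical hosts, PIDs and paths)
SAMPLE_EVENTS = [
    {"type": "process_create", "host": "db01", "pid": 100, "ppid": 4,
     "image": r"C:\SQL\Binn\sqlservr.exe"},
    {"type": "process_create", "host": "db01", "pid": 200, "ppid": 100,
     "image": r"C:\Windows\System32\cmd.exe"},
    {"type": "process_create", "host": "db01", "pid": 300, "ppid": 200,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe"},
    {"type": "process_create", "host": "ws07", "pid": 50, "ppid": 10,
     "image": r"C:\Windows\explorer.exe"},
    {"type": "process_create", "host": "ws07", "pid": 60, "ppid": 50,
     "image": r"C:\Windows\System32\cmd.exe"},   # benign: no SQL ancestor
    {"type": "file_create", "host": "db01", "path": r"D:\Data\RECOVERY FILES.txt"},
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Database servers that legitimately shell out (for example through scheduled maintenance jobs) will need an allow-list before a rule like this is used for alerting.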

In addition to unpatched vulnerabilities, ASEC noted that weak account credentials frequently make database servers such as MS-SQL and MySQL servers the target of brute force and dictionary attacks. The analysis team concluded that such attacks might be avoided by resolving these problems and taking extra precautions to protect passwords.

ASEC therefore suggested that, to protect the database server from brute force and dictionary attacks, MS-SQL server administrators should use passwords that are hard to guess for their accounts and change them regularly. They should also update to the most recent patch to fend off vulnerability attacks.
