Security News > 2022 > July > Microsoft SQL servers hacked to steal bandwidth for proxy services

Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies rented through online proxy services.
To steal a device's bandwidth, the threat actors install software called 'proxyware' that allocates a device's available internet bandwidth as a proxy server that remote users can use for various tasks, like testing, intelligence collection, content distribution, or market research.
Botters also love these proxy services as they gain access to residential IP addresses that have not been blacklisted from online retailers.
Once the proxyware is installed on a device, the software adds it as an available proxy that remote users can use for whatever task they want on the Internet.
Among the more common threats for Microsoft SQL servers are cryptocurrency coin miners that perform cryptojacking.
Microsoft SQL servers are usually located in corporate networks or data centers with abundant Internet bandwidth that proxy services can sell for illegal purposes.
News URL
Related news
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Oracle says "obsolete servers" hacked, denies cloud breach (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
- Microsoft: April updates cause Windows Server auth issues (source)
- FBI: End-of-life routers hacked for cybercrime proxy networks (source)