Security News > 2022 > July > Microsoft SQL servers hacked to steal bandwidth for proxy services
Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies rented through online proxy services.
To steal a device's bandwidth, the threat actors install software called 'proxyware' that allocates a device's available internet bandwidth as a proxy server that remote users can use for various tasks, like testing, intelligence collection, content distribution, or market research.
Botters also love these proxy services as they gain access to residential IP addresses that have not been blacklisted from online retailers.
Once the proxyware is installed on a device, the software adds it as an available proxy that remote users can use for whatever task they want on the Internet.
Among the more common threats for Microsoft SQL servers are cryptocurrency coin miners that perform cryptojacking.
Microsoft SQL servers are usually located in corporate networks or data centers with abundant Internet bandwidth that proxy services can sell for illegal purposes.
News URL
Related news
- Ukraine claims it hacked Russian Ministry of Defense servers (source)
- Microsoft confirms Windows Server issue behind domain controller crashes (source)
- Microsoft releases emergency fix for Windows Server crashes (source)
- Microsoft confirms memory leak in March Windows Server security update (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Germany warns of 17K vulnerable Microsoft Exchange servers exposed online (source)
- These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb (source)
- Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge (source)