Security News > 2024 > January > Hackers target Microsoft SQL servers in Mimic ransomware attacks
![Hackers target Microsoft SQL servers in Mimic ransomware attacks](/static/build/img/news/hackers-target-microsoft-sql-servers-in-mimic-ransomware-attacks-medium.jpg)
A group of financially motivated Turkish hackers targets Microsoft SQL servers worldwide to encrypt the victims' files with Mimic ransomware.
"The timeline for the events was about one month from initial access to the deployment of MIMIC ransomware on the victim domain."
"Mimic will drop the Everything binaries used to aid the encryption process. The Mimic dropper in our case 'red25.exe,' dropped all of the necessary files in order for the main ransomware payload to complete its objectives," Securonix said.
Securonix exposed another campaign targeting MSSQL servers last year using the same brute force initial access attack vector and deploying FreeWorld ransomware.
New Mimic ransomware abuses 'Everything' Windows search tool.
Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach.
News URL
Related news
- Meta, Microsoft SQL Server make strange bedfellows on a couch of cyber-pain (source)
- Microsoft links Scattered Spider hackers to Qilin ransomware attacks (source)
- Hackers attack HFS servers to drop malware and Monero miners (source)
- North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks (source)
- US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks (source)
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals (source)
- Oracle WebLogic Server OS Command Injection Flaw Under Active Attack (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- London hospitals left in critical condition after ransomware attack (source)
- Major London hospitals disrupted by Synnovis ransomware attack (source)