March 16th, 2018 By Catalin Cimpanu
A new type of attack has been discovered targeting PostgreSQL databases, in which malware authors are using an image of Hollywood actress Scarlett Johansson to hide a cryptocurrency miner they intend to run on the DB's underlying server.
The attack has been observed in a honeypot server ran by Imperva researchers. Experts say crooks gained access to a PostgreSQL database user account, where they executed payloads found in the Metasploit framework's PostgreSQL module.
This module lets the attacker escalate his access from the DB process to the underlying server OS, while also staying under the radar of DAM (database audit monitoring) solutions.
Full Article.
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.