A New Backdoor Found in Microsoft SQL Server

By

The backdoor can be used to steal sensitive information.

Security researchers at ESET have found a backdoor in Microsoft SQL server that allows an attacker to control a system remotely.

“Dubbed Skip-2.0, the backdoor malware is a post-exploitation tool that runs in the memory and lets remote attackers connect to any account on the server running MSSQL version 11 and version 12 by using a magic password," reported The Hacker News.

The malware remains completely undetected on a user’s SQL Server, as it disables the logging functions, event publishing, and audit mechanisms.

By remaining stealth, the attackers leverage the malware to copy, modify, or delete the content stored in a database.

"This could be used, for example, to manipulate in-game currencies for financial gain. In-game currency database manipulations by Winnti operators have already been reported," researchers said.

10/22/2019

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=