Hackers are selling more than 85,000 MySQL databases on a dark web portal for just $550 per database.
SQL is a domain-specific language used in programming and designed for managing data held in a relational database management system. MySQL is an open-source relational database management system (RDBMS).
Researchers at Guardicore Labs uncovered a year-long ransomware campaign targeting millions of internet-facing MySQL databases.
The portal where these 85,000 MySQL databases are available is part of this database ransomware campaign, reports ZDNet.
“Hackers break into databases, steal their content, hold it for ransom for 9 days, and then sell to the highest bidder if the database owner doesn’t want to pay the ransom demand,” the report said.
Basically, if victims don’t pay within a nine-day period, their data is put up for auction on another section of the portal.
Hackers are demanding the ransomware money in Bitcoins.
“The actual price has varied across the year has usually remained centered around a $500 figure for each site, regardless of the content they included”.
Both the database intrusions and the ransom/auction web pages are automated “and attackers don’t analyze the hacked databases for data that could contain a higher concentration of personal or financial information”.
–IANS