More than 85,000 MySQL databases obtained by hackers as a result of cyber attacks are put up for sale in the darknet. Attackers demand a ransom of about $550 in BTC for each database.
Hackers hack MySQL databases, download tables, delete originals and leave information demanding redemption, inviting server owners to contact them and pay a ransom to BTC. Attackers set a time frame to force victims to quickly make payments.
“If we do not receive a ransom within the next nine days, we will sell your database to the one who offers the highest price, or otherwise use it,” one of the threats says. So, more than 85,000 databases were MySQL put up for sale in the darknet. Initially, hackers suggested contacting them through email. However, as the number of attacks grew, the operation was automated – attackers began to create websites in the darknet to accept payments.
Hackers usually require a ransom in bitcoins of about $550 for each compromised database. The number of BTCs varies depending on the rate, but the amount of redemption in dollars will remain unchanged.
Information about such attacks appeared throughout 2020. Complaints from server owners who found a demand for redemption in their databases were published on Reddit, MySQL forums, technical support forums, articles on Medium and private blogs.
Recall that recently the servers of one of the Foxconn electronics factories were attacked by the DoppelPaymer encryption virus. Hackers demand a ransom of 1,804 BTC from the company. According to Wakefield Research, the vast majority of companies in the Asia-Pacific region that are victims of the ransomware virus pay ransoms.