Hackers Attack MySQL Servers on Windows to Deliver GandCrab Ransomware

From gbhackers.com

GandCrab Ransomware

GandCrab Ransomware is one of the most Prevalent Ransomware that holds about 40% of the ransomware market share. It was distributed through various form of attacks such as social media campaigns, exploit kit, weaponized office documents, and compromised websites.

Sophos researchers spotted a new GandCrab Ransomware campaign that targets Internet-facing MySQL servers on Windows.

The attack starts by injecting a small malicious DLL file to the database server by using SQL database commands and then to invoke the DLL to retrieve the ransomware payload hosted on the attacker’s server.

Read more…