PurpleFox Being Distributed via MS-SQL Servers
Malware Analysis, News and Indicators - Latest topics malware.news
Using AhnLab Smart Defense (ASD) infrastructure, AhnLab Security Emergency response Center (ASEC) has recently discovered the PurpleFox malware being installed on poorly managed MS-SQL servers. PurpleFox is a loader that downloads additional malware and is known to mainly install CoinMiners. Particular caution is advised because the malware also includes a rootkit feature to conceal itself.
The initial infiltration method of the recently identified PurpleFox malware involves targeting poorly managed MS-SQL servers. The threat actor executed PowerShell through sqlservr.exe, which is …