"Ransomware Attacks on TargetCompany Compromised Microsoft SQL Servers"

Security experts warn that FARGO ransomware is being used in a new wave of attacks against vulnerable Microsoft SQL servers. MS-SQL servers are database management systems that store data for online services and applications. During similar attacks in February, Cobalt Strike beacons were dropped, and in July, threat actors took over vulnerable MS-SQL servers to steal bandwidth for proxy services. The most recent wave is more destructive, with the goal of blackmailing database owners for a quick and easy profit. FARGO, along with GlobeImposter, is one of the most well-known ransomware variants targeting MS-SQL servers, according to the AhnLab Security Emergency Response Center (ASEC) security researchers. The ".mallox" suffix was previously added to the files encrypted by this malware family, earning it the nickname "Mallox." Furthermore, this strain is the same one that Avast researchers dubbed "TargetCompany" in a February study, emphasizing that information encrypted by it may be retrieved for free in some circumstances. This article continues to discuss the FARGO ransomware being used in recent attacks against MS-SQL servers.

CyberIntelMag reports "Ransomware Attacks on TargetCompany Compromised Microsoft SQL Servers"