"Skip-2.0" security flaw discovered on Microsoft SQL-Server SGBD

"Skip-2.0" security flaw discovered on Microsoft SQL-Server SGBD

October 26, 2019 Off By admin

Access attacks occur when a person outside a computer system tries to break into an account of one of the users or any computer resource in that system illegally.

That is, by using fraudulent means, diverted from the normal route.

This is hacking yes, however access attacks are based on existing vulnerabilities in the information system that needs to be hacked. This can include authentication services, or FTP services and other web-related services that can allow hackers to access online services where they can access multiple confidential data or resources with fairly sensitive information.

This article will also interest you: Candiru, the company that is paid to hack Apple and Microsoft

The company specializing in computer security Based in Slovakia, Bratislava, known as ESET, informed the implementation a malicious computer program called Skip 2. 0. This program it has the functionality of modifying databases Microsoft SQL – Server (MSSQL), and this "by creating a mechanism access to a backdoor that allows hackers to connect to any account using a "magic password." »

A cyberespionage group is already suspected of having used this malware as well as its main feature. This would be the hacker group called "Winnti". And in all likelihood, they are the basis of this "Malware anti-virus" virus. Indeed their goal is simple, it is to push their victims, who will think they have been victims of computer attacks, when this is really the case, except that on a limited scope, but afraid of greater consequences, will pay a false license of security program. This would obviously open the breach skip 2. 0.

According to a report published by the computer security company, hackers are using this backdoor to activate a computer system infection companion in order to set up a larger chain of destruction. "This backdoor not only allows the threat actor to persist in the victim's MSSQL server through the use of a special password, but also not to be detected by the multiple mechanisms of publication of event logs that are disabled when that password is used," comments Mathieu Tartare, an ESET researcher who investigates the "Winnti" hacker group.

It is known that the backdoor could allow any hacker with access to the latter to have a number of privileges on the victim's databases. In fact, it could then delete the files modify them or even copy them stealthily without them even realizing it. For their security society is in the prevention phase. Currently they have announced that they are developing a parade to counter these hackers and their backdoor.

Now access an unlimited number of passwords:

Check out our hacking software