Researchers find stealthy MSSQL server backdoor developed by Chinese cyberspies

Chinese cyberspies have developed malware that alters Microsoft SQL Server (MSSQL) databases and creates a backdoor mechanism that can let hackers connect to any account by using a “magic password.”

Furthermore, as an added benefit, the backdoor also hides user sessions inside the database’s connection logs every time the “magic password” is used, helping hackers remain undetected even when administrators may suspect something is wrong.

In a report published today, ESET said hackers deployed the backdoor as a post-infection tool, after compromising networks through other methods.

Read more…
Source: ZDNet