<img height="1" width="1" src="https://www.facebook.com/tr?id=1236948446433890&amp;ev=PageView &amp;noscript=1">

StratX IT Healthcare Blog

IT Solutions & Strategies

Windows 7 Already Under Attack - Two ways to stop the attacks fast.

May 29, 2019 by StratX IT

It’s already starting. Security researchers have indicated trends of attacks targeting Windows 7 users running mySQL databases. These Windows databases are being infiltrated with ransomware called GrandCrab (detected as Ransom.Win32.GrandCrab.SMILC) Primarily this infection is utilizing the exposed port 3306.

The attackers are scanning the web with automations that scan internet-facing MySQL databases and are checking to see if these databases are running on Windows 7 operating systems. If so, malicious SQL commands are then dripped into the database that will later be used to retrieve and help execute the ransomware attack. 

This infection is not widespread at the moment, as there have only been 2,300 total detections of the GrandCrab file. However, it is alarming because the creators of GrandCrab were also behind Rig and GrandSoft, two well-know ransomware attacks. It is also known that the creators of GrandCrab have already been detected peddling the ransomware execution services in the cybercriminal underground. Meaning that affiliate cybercriminals can distribute their versions of the ransomware and spam across the web. 

The Windows 7 MySQL database has also been attacked by additional cybercrime labs recently with soft irritations. Cerber and CyberExtortionCampaigns have been targeting poorly secured MongoDB databases where they delete the contents and remove owner profiles. 

 Two-ways-to-stop-a-trending-windows-7-attack

What you can do to prevent this from affecting your business.

 First, be sure to update your systems. If you are operating Windows 7™ or any of the end-of-life softwares associated with Windows 7. Contact our help desk as soon as possible to start the upgrade conversation. 

Second, be sure your network is secure. StratX IT’s Managed Security Suite will protect you from such attacks by securing the perimeter before the attack ever happens. Our detection software uses artificial intelligence to scan your system and detect database loopholes such as this. 

Do not leave yourself vulnerable to ransomware attacks. Connect with us today for a complimentary evaluation of your system and network. 

 

Call: 888-816-3819 and speak to an expert today. We promise to answer the phone on your first call attempt. Otherwise, complete the contact form below and we will reach out to you as you indicate. 

Archives

Categories

see all

Recent Posts