Warning! Maggie malware has affected 250 Microsoft users; What should you do?

A new malware named Maggie has affected around 250 Microsoft systems. Here’s all you need to know.

By: HT TECH
| Updated on: Oct 06 2022, 14:50 IST

Stay safe from viruses, hackers NOW! Just follow these 5 safety tips

Microsoft — 1/5 Keep your device updated- You should always keep your device updated with the latest software updates. Every time you get a notification regarding the updates from your device manufacturer or operating system provider, make sure you download it. The updates especially related to your internet browser should also be taken care of. You should also keep updating important apps regularly as the updates can bring new features to protect your privacy. (Pixabay)

image caption — 3/5 Strong password- Passwords can protect your device from unauthorized accesses. You should avoid keeping easy to guess passwords to lock your device like your name, date of birth, mobile number, among others. In order to make your password strong, you should use special characters, numbers, both upper and lower case alphabets. (Pixabay)

A new hazardous malware has been found by security researchers, which is targeting Microsoft SQL servers. Sadly, this backdoor malware named Maggie has already contaminated hundreds of Microsoft users all over the world. Security researchers Johann Aydinbas and Axel Wauer from the DCSO CyTec have spotted this malware which is more prevalent in South Korea, India, Vietnam, China, Russia, Thailand, Germany, and the United States. Security experts say that it is controlled through SQL queries that command and interact with the files of the system. The more worrying part is that it doubles as a bridgehead into the server's network environment.

The analysis of the malware has revealed that the malware is digitally signed by DEEPSoft Co. Ltd, a company that appears to be based in South Korea, the BleepingComputer report mentioned. "The variety of commands supported by Maggie allow querying for system information, executing programs, interacting with files and folders, enabling remote desktop services (TermService), running a SOCKS5 proxy, and setting up port forwarding," a report from DCSO CyTec explained.

The cybersecurity researchers also mentioned that the command list includes four exploits, which indicated that the online attackers must rely on some known vulnerabilities, for example, a new user. Unfortunately, the security analysts couldn't test the exploits for now, as they seem to depend on an additional DLL that is not shipped with malware Maggie.

“In addition, the backdoor has capabilities to brute force logins to other MSSQL servers while adding a special hard coded backdoor user in the case of successfully brute forcing admin logins. Based on this finding, we identified over 250 servers affected worldwide, with a clear focus on the Asia-Pacific region,” the report by the researchers has revealed. However, there is not much information available at the moment.

What should you do?

It is generally advised to keep your computer and laptop up to date with the latest software and security updates. For a Windows system, you simply need to select Start, go to Settings, move to the Update & Security option and check for the latest updates in the Windows Update section. If available, download it now.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.