New ‘Maggie’ Backdoor Aims at Microsoft SQL Servers


The threat-hunting company DCSO CyTec’s security researchers have discovered a new backdoor that has been attacking Microsoft SQL (MSSQL) servers.

The threat, known as Maggie, is being introduced as a signed Extended Stored Procedure (ESP) DLL file, an MSSQL extension. It can only be managed using SQL queries once it is installed and running on a target server. The backdoor can be used by the attackers to get a foothold in the compromised environment and supports a variety of features, including the capacity to execute commands and interact with files.

A hardcoded backdoor user can also be added by using brute force attacks against admin accounts on other MSSQL servers by Maggie.

Read More: New ‘Maggie’ Backdoor Targeting Microsoft SQL Servers

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.