Statistics Report on Malware Targeting Windows Database Servers in Q2 2025
Essential information
- Published
- 08/08/2025 17:08
- Modified
- 10/08/2025 21:37
- Tags
- 2025-08-08 ahnlab smart defense anydesk attack statistics clrshell cobaltstrike coinminer database gh0strat hploader juicypotato loveminer ms-sql mykings mysql netcat q2 2025 remcos server security shadowforce windows
- Related entities
- 9 observables, 6 techniques (mitre)
Description
The analysis team has categorized attacks on MS-SQL and MySQL servers installed on Windows systems during Q2 2025. While the number of targeted systems remains stable, attacks on MS-SQL servers have been decreasing. MySQL servers saw a significant spike in attacks in June 2025. The report provides detailed statistics on attack trends, including graphs illustrating the attack status for both server types. It also includes a list of MD5 hashes, URLs, FQDNs, and IP addresses associated with the malicious activities. The analysis covers various types of malware and tools used in these attacks, ranging from backdoors and miners to ransomware and remote access trojans.