Cybercriminals are selling the contents of stolen MySQL databases on the dark web at the discounted price of just $550 per database.
As reported by ZDNet, a security researcher has discovered a new dark web portal that is part of a database ransom scheme that has been ongoing since the beginning of this year.
Cybercriminals involved in the scheme break into MySQL databases, download tables, delete the originals and leave behind ransom notes informing server owners that they need to contact the attackers in order to get their data back.
- We've put together a list of the best database software around
- Keep your devices protected online with the best antivirus software
- Also check out our roundup of the best endpoint protection software
At first these ransom notes asked victims to contact the attackers by email but as the scheme has progressed, those responsible have automated the operation using a web portal which is now hosted on an Onion address on the dark web.
Databases for sale
Each ransom note left behind in a hacked database contains a unique ID which must be entered by victims when visiting the attacker's new web portal and this takes them to a page where their data is being sold.
If a victim doesn't purchase their data from the attackers within a nine-day period, the contents of their database are then put up for auction on a different section of the portal. This is quite similar to the way in which ransomware groups began to auction off stolen data earlier this year.
As with other ransom schemes, victims must pay for their data in bitcoin. However, it appears as if this operation may be automated as these stolen databases cost around $500 each regardless of their contents.
Ransom attacks have become quite popular among cybercriminals this year with numerous complaints from server owners popping up all of the internet. As a result, database owners need to ensure their taking the proper steps to ensure their infrastructure, systems and data.
- We've also highlighted the best business VPN services