Statistical Report on Malware Targeting Windows Database Servers in the Second Quarter of 2026

Statistical Report on Malware Targeting Windows Database Servers in the Second Quarter of 2026

Contents The AhnLab SEcurity intelligence Center (ASEC) analyzed attack logs from the second quarter of 2026 targeting MS-SQL server and MySQL server installations on Windows. This report summarizes the damage status, attack status, and the classification of the malware and tools used in the attacks. Purpose and Scope The targets

Statistics Report on Malware Targeting Windows Database Servers in Q1 2026

Statistics Report on Malware Targeting Windows Database Servers in Q1 2026

Description. analysis of ASEC’s ASD logs for Q1 2026 showed a consistent trend of attacks against MS-SQL and MySQL. the number of attacks tended to decrease temporarily in February before increasing again in March. Purpose and Scope. this report summarizes the statistics of attacks targeting MS-SQL and MySQL servers installed

Attack Targeting MS‑SQL Servers to Deploy the ICE Cloud Scanner (Larva-26002)

Attack Targeting MS‑SQL Servers to Deploy the ICE Cloud Scanner (Larva-26002)

AhnLab SEcurity intelligence Center (ASEC) has confirmed that the Larva-26002 threat actor continues to target improperly managed MS-SQL servers in 2026. The Larva-26002 threat actor has distributed Trigona and Mimic ransomware in the past, and has since seized control of infected systems and installed scanners. The latest confirmed attack utilizes

Statistics Report on Malware Targeting Windows Database Servers in Q4 2025

Statistics Report on Malware Targeting Windows Database Servers in Q4 2025

AhnLab SEcurity intelligence Center (ASEC) utilizes the AhnLab Smart Defense (ASD) infrastructure to respond to and categorize attacks targeting MS-SQL and MySQL servers installed on Windows operating systems. This post covers the damage status of MS-SQL and MySQL servers that have become attack targets and statistics on attacks against these