What Does Maggie Malware Do To Your Computer?
Maggie is the name of a newly discovered piece of malware: a backdoor that can attack Microsoft SQL Server installations.
A research team at DCSO CyTec discovered the new malicious tool. Out of a total of 600 thousand scanned entities, the highest numbers of infected systems were located in the US, India, China and South Korea.
The Maggie backdoor is controlled using SQL queries and has an extensive list of supported commands. The malware can run programs, execute processes, perform file operations and forward ports. This opens up the victim system to further exploitation and attacks using other vectors.
The Maggie malware can also act as a bridgehead to any external IP that the victim server can access, giving the threat actors even more options to deliver further malicious payloads.
Researchers have identified a range of IP addresses that are associated with the malware and deliver malicious DLLs and executables. An additional indicator of compromise is the presence of a file named Success.dat, located inside C:\Program Files.