Currently, between 2,000 and 3,000 computers are infected daily. The purpose is first and foremost to extract the crypto currency Vollar.
According to Israeli security company Guardicore Labs, a group of hackers have been conducting an extensive campaign against computers running Microsoft SQL Server since May 2018.
The campaign has been named Vollgar, which aims to infect the computers in order to extract the crypto currency Vollar. But it also happens that the hackers plant back doors to be able to access sensitive information in secret.
Currently, between 2,000 and 3,000 computers are attacked daily, which includes companies and institutions that are dedicated to IT and telecommunications, higher education and healthcare.
The attacks are conducted from more than 120 different IP addresses, most of which are in China. It is noteworthy that the hackers have in many cases damaged harmless programs added by other hackers, in order to gain full control over the computers for their own part.
To help troubled users of Microsoft SQL Server, Guardicore Labs has created a Powershell script that can detect if a particular computer is infected or not.