Mid Last year a not so surprising  news broke out.

70k hacked government and corporate servers were for sale for as little as $6 apiece: ArsTechnica

70k hacked government and corporate servers
According to an analysis by Kaspersky Labs, the servers were from all over the world.

Xdedic by country analysis by Kaspersky Lab


Imagine the possibility of your server potentially ending up on this list and then being used to attack your competitor. The legal issues alone will be longstanding not to mention the damage to your reputation which could lead to you losing customers.

While monitoring attacks on our client systems we see workstation names if the attacker is using a potentially hacked Windows Server/System. Which results in a nice table like:

Who is attacking you - Mjolnir Security

From the list, you can see names like APPSERVER, HYPERV01, KMSB-SERVER, SRV-DC01 which are most likely corporate servers that got hacked and then were used to attack our clients.

Computers with the name WIN-XXXX are VPS’s that were either hacked or rented out by hackers.

The computers XXXX-PC are having XXXX as username on the windows PC which are directly attacking.

While this sounds scary, this can take a turn for the worse with a US “Self Defense” Bill that would allow victims to hack back – https://www.usnews.com/news/articles/2017-03-09/self-defense-bill-would-allow-victims-to-hack-back

Have you checked your logs lately? If you want to know more, get in touch with us right now to schedule a demo

Start typing and press Enter to search