More than 85,000 MySQL databases are up for sale on the dark web

Best cloud databases
(Image credit: Pixabay)

Cybercriminals are selling the contents of stolen MySQL databases on the dark web at the discounted price of just $550 per database.

As reported by ZDNet, a security researcher has discovered a new dark web portal that is part of a database ransom scheme that has been ongoing since the beginning of this year.

Cybercriminals involved in the scheme break into MySQL databases, download tables, delete the originals and leave behind ransom notes informing server owners that they need to contact the attackers in order to get their data back.

At first these ransom notes asked victims to contact the attackers by email but as the scheme has progressed, those responsible have automated the operation using a web portal which is now hosted on an Onion address on the dark web.

Databases for sale

Each ransom note left behind in a hacked database contains a unique ID which must be entered by victims when visiting the attacker's new web portal and this takes them to a page where their data is being sold.

If a victim doesn't purchase their data from the attackers within a nine-day period, the contents of their database are then put up for auction on a different section of the portal. This is quite similar to the way in which ransomware groups began to auction off stolen data earlier this year.

As with other ransom schemes, victims must pay for their data in bitcoin. However, it appears as if this operation may be automated as these stolen databases cost around $500 each regardless of their contents.

Ransom attacks have become quite popular among cybercriminals this year with numerous complaints from server owners popping up all of the internet. As a result, database owners need to ensure their taking the proper steps to ensure their infrastructure, systems and data.

Via ZDNet

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.