The Shadowserver Foundation research team says it has found more than 3.6 million unsecured MySQL servers that are publicly available on the Internet and responding to requests, making them an attractive target for hackers and ransomware.
The scan conducted by the experts found more than 3.6 million unsecured MySQL servers reachable on the Internet on the default port (TCP 3306): 2.3 million of them over IPv4 and another 1.3 million over IPv6.
According to the collected statistics, the country with the largest number of available MySQL servers is the United States, where there are more than 1.2 million of them, followed by China (about 300,000 servers), Germany (about 175,000 servers), as well as Singapore, the Netherlands and Poland.
The researchers note that although web services and applications often connect to remote databases, those databases must be secured so that only authorized devices can connect to them. In addition, access to a public server should always be limited by strict policies, a changed default port, logging, careful monitoring of all requests, and enforced encryption.
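The recommendations above can be checked mechanically. This added example (not from Shadowserver or the original article) audits the `[mysqld]` section of a MySQL option file for a wildcard listener, the default port, unencrypted connections and disabled query logging. Mapping "logging" to `general_log` is an assumption, the sample configurations are constructed, and network-level restrictions such as firewall rules are outside what an option file can show.

```python
# Added example (constructed sample configs): audit [mysqld] options in a my.cnf.
WILDCARD_BINDS = {"*", "0.0.0.0", "::"}
TRUTHY = {"1", "on", "true"}

WEAK = """
[mysqld]
bind-address = 0.0.0.0
port = 3306
"""

HARDENED = """
[client]
port = 3306
[mysqld]
bind-address = 10.0.5.12        # constructed private address
port = 33706                    # constructed non-default port
require_secure_transport = ON   # refuse unencrypted connections
general_log = ON                # assumption: stands in for "logging"
"""

def parse_mysqld(text):
    """Return [mysqld] options as a dict; '-' and '_' in names are equivalent."""
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith((";", "!")):  # comments, !include lines
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "mysqld":
            key, _, value = line.partition("=")
            opts[key.strip().lower().replace("-", "_")] = value.strip().lower()
    return opts

def audit(text):
    o = parse_mysqld(text)
    findings = []
    # A bare "skip-networking" line parses to "" and disables TCP entirely.
    if o.get("skip_networking", "0") not in TRUTHY | {""}:
        # MySQL's default bind_address is "*", so a missing key is exposed too.
        if o.get("bind_address", "*") in WILDCARD_BINDS:
            findings.append("listens-on-all-interfaces")
        if o.get("port", "3306") == "3306":
            findings.append("default-port-3306")
        if o.get("require_secure_transport", "off") not in TRUTHY:
            findings.append("plaintext-connections-allowed")
    if o.get("general_log", "off") not in TRUTHY:
        findings.append("general-query-log-disabled")
    return findings
```

Calling `audit()` on the text of a real option file returns the list of finding ids; an empty list means none of the four checks fired.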