Turkish hackers targeting database servers with Mimic ransomware

Cybersecurity company Securonix has found that Turkish hackers are attacking databases in the US, EU, and Latin America using Mimic ransomware. Naming the campaign “RE#TURGENCE”, Securonix said the attackers customise their operations for each victim and employ a more targeted approach to secure initial access. The hackers typically target Microsoft SQL databases and spend about a month in a system before deploying the ransomware. The researchers discovered the scheme after the hackers made an error, revealing parts of their communications and negotiations.