Ophir leads the security research team in Akamai's Enterprise Security Group.

The Guardicore Labs team has recently uncovered a long-running attack campaign which aims to infect Windows machines running MS-SQL servers. Dating back to May 2018, the campaign uses password brute force to breach victim machines, deploys multiple backdoors and executes numerous malicious modules, such as multifunctional remote access tools (RATs) and cryptominers. We dubbed the campaign Vollgar after the Vollar cryptocurrency it mines and its offensive, vulgar behavior.

Having MS-SQL servers exposed to the internet with weak credentials is not the best of practices. This might explain how this campaign has managed to infect around 3k database machines daily. Victims belong to various industry sectors, including healthcare, aviation, IT & telecommunications and higher education.…