Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers.

Community Picks is a section on daily.dev where our community members share the most interesting and valuable content they've discovered online. From insightful articles to handy tools, every post is a gem curated by our dedicated coomunity. To contribute to Community Picks, you need to have at least 250 reputation points, ensuring that only active and trusted members can share their finds.

Community Picks

Poorly protected PostgreSQL databases on Linux are being targeted by cryptojacking attackers. Aqua Security researchers observed attackers brute-forcing access credentials, creating new high-privilege user roles, removing superuser privileges from compromised roles, and downloading payloads that eliminate competing cryptomining malware. PostgreSQL databases, often found in cloud and on-premises environments, are frequent targets due to lax security or misconfigurations. To protect these databases, using firewalls, VPNs, SSH tunnels, strong passwords, audit logs, and intrusion detection systems is advised.

PostgreSQL databases under attack

How to protect your PostgreSQL installations against cryptojacking?