Over 3.6 million MySQL servers found exposed on the Internet


Over 3.6 million MySQL servers are publicly accessible and responding to queries on the Internet, making them an appealing target for hackers and extortionists.

2.3 million of these accessible MySQL servers are connected via IPv4, while 1.3 million are connected via IPv6.

While web services and applications frequently connect to remote databases, these instances should be secured so that only authorised devices can connect to them.

Furthermore, public server exposure should always be accompanied by stringent user policies, such as changing the default access port (3306), enabling binary logging, closely monitoring all queries, and requiring encryption.

3.6 million MySQL servers are vulnerable

Analysts discovered 3.6 million exposed MySQL servers using the default port, TCP port 3306, in scans conducted last week by cybersecurity research group The Shadowserver Foundation.

“While we do not check for the level of access possible or database exposure, this type of exposure is a potential attack surface that should be closed,” explains the Shadow Server report.

The United States has the most MySQL servers available, with over 1.2 million.
China, Germany, Singapore, the Netherlands, and Poland also have significant populations.

The scan results in detail are the following:

  • Total exposed population on IPv4: 3,957,457
  • Total exposed population on IPv6: 1,421,010
  • Total “Server Greeting” responses on IPv4: 2,279,908
  • Total “Server Greeting” responses on IPv6: 1,343,993
  • 67% of all MySQL services found are accessible from the internet

Shadow Server recommends that administrators read this guide for version 5.7 or this one for version 8.0 to learn how to securely deploy MySQL servers and close security gaps that may exist in your systems.

According to data brokers who sell stolen databases, one of the most common vectors for data theft is improperly secured databases, which administrators should always lockdown to prevent unauthorised remote access.

Failure to secure MySQL database servers can lead to disastrous data breaches, destructive attacks, ransom demands, remote access trojan (RAT) infections, and even Cobalt Strike compromises.

All of these scenarios have serious consequences for the organisations affected, so it is critical to implement appropriate security practises and prevent your devices from being accessible via simple network scans.

Found this article interesting? Follow BG on Facebook, Twitter and Instagram to read more exclusive content we post.

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments

Latest news

LG Ultra PC 14-Inch, 16-Inch Laptops With AMD Ryzen 5000 Series Processors Launched

The laptops of the LG Ultra PC series include anti-glare IPS panels with minimal bezels. Last week, LG introduced 14-inch...

Samsung Galaxy A23 5G With 6.6-Inch Infinity-V Display, 5,000mAh Battery Launched

Table of ContentsSamsung Galaxy A23 5G price, availability (expected)Samsung Galaxy A23 5G specifications Samsung has not yet revealed the Galaxy...

LG Ultra Tab With 10.35-Inch Display, Snapdragon 680 SoC Launched

Table of ContentsLG Ultra Tab priceLG Ultra Tab specifications The 7,040mAh battery in the LG Ultra Tab supports 25W rapid...

OnePlus 10T Glacier Mat Case With Sustainable Circulation Cooling, Bumper Case Sandstone Launched In India

Table of ContentsOnePlus 10T Glacier Mat Case, Bumper Case Sandstone, Tempered Glass price in India A tempered glass for the...

Latest Updates

Must read

Nigerian Entrepreneur Builds Electric Mini-Buses In Clean Energy Push

Mustapha Gajibo, a Nigerian entrepreneur, is now building solar...

How to block a number on Apple’s iPhone

Sometimes the easiest option is the best way to...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x