Over 3.6 million MySQL servers found exposed on the Internet


Over 3.6 million MySQL servers are publicly accessible and responding to queries on the Internet, making them an appealing target for hackers and extortionists.

2.3 million of these accessible MySQL servers are connected via IPv4, while 1.3 million are connected via IPv6.

While web services and applications frequently connect to remote databases, these instances should be secured so that only authorised devices can connect to them.

Furthermore, public server exposure should always be accompanied by stringent user policies, such as changing the default access port (3306), enabling binary logging, closely monitoring all queries, and requiring encryption.

3.6 million MySQL servers are vulnerable

Analysts discovered 3.6 million exposed MySQL servers using the default port, TCP port 3306, in scans conducted last week by cybersecurity research group The Shadowserver Foundation.

“While we do not check for the level of access possible or database exposure, this type of exposure is a potential attack surface that should be closed,” explains the Shadow Server report.

The United States has the most MySQL servers available, with over 1.2 million.
China, Germany, Singapore, the Netherlands, and Poland also have significant populations.

The scan results in detail are the following:

  • Total exposed population on IPv4: 3,957,457
  • Total exposed population on IPv6: 1,421,010
  • Total “Server Greeting” responses on IPv4: 2,279,908
  • Total “Server Greeting” responses on IPv6: 1,343,993
  • 67% of all MySQL services found are accessible from the internet

Shadow Server recommends that administrators read this guide for version 5.7 or this one for version 8.0 to learn how to securely deploy MySQL servers and close security gaps that may exist in your systems.

According to data brokers who sell stolen databases, one of the most common vectors for data theft is improperly secured databases, which administrators should always lockdown to prevent unauthorised remote access.

Failure to secure MySQL database servers can lead to disastrous data breaches, destructive attacks, ransom demands, remote access trojan (RAT) infections, and even Cobalt Strike compromises.

All of these scenarios have serious consequences for the organisations affected, so it is critical to implement appropriate security practises and prevent your devices from being accessible via simple network scans.

Found this article interesting? Follow BG on Facebook, Twitter and Instagram to read more exclusive content we post.

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments

Latest news

Twitter Launches Tweeten App For Mac, Windows As A Replacement For TweetDeck

Twitter has previously indicated that as of July 1st, Mac users would no longer be able to utilise the...

Vivo Y01A Spotted On BIS Certification Website; Expected To Launch In India Soon

The Vivo Y01A is anticipated to go on sale in India for less than Rs. 10,000. According to a report,...

Samsung Galaxy XCover6 Pro With 5G, Wi-Fi 6E Compatibility Unveiled, To Go On Sale Starting July

The 6.6-inch PLS LCD screen on the Samsung Galaxy XCover6 Pro has FHD+ resolution and a 120Hz refresh rate. The...

Ambrane Stylo Max Power Bank With 50,000mAh Battery Capacity Launched In India

Ambrane's first-ever power bank, the Stylo Max, was introduced. In India, Ambrane debuted the Stylo Max 50,000mAh power bank.According to...

Latest Updates

Must read

How To Send Anonymous Messages On Instagram

Users on Instagram can communicate with one another privately...

WhatsApp Advanced Search:Rolling Out for Android Beta Users, Expiring Messages Feature.

WhatsApp Advanced Search Rolling Out for Android Beta Users,...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x