New hacker tool Maggie to steal corporate secrets hits India

As cyber threats continue to rise around the world, hackers have diversified their offerings to expand the "attack surface" — the scope of cyber attacks and the purposes that they serve. One such recent finding is the malware 'Maggie', a tool that is being seemingly used for corporate espionage. As reported by German cyber security firm DCSO CyTec through its Medium blog, India is the most targeted nation for the operators of Maggie, which is presently being used to attack endpoints on Microsoft SQL servers.

To be sure, Microsoft SQL servers are among the most popularly used database management systems in the world. They are typically deployed by businesses to help multiple applications cross connect and access various sectors of data, as required by a company's information technology (IT) infrastructure. Such servers communicate across various services through points of connections — also known as endpoints.

In typical IT infrastructure, the endpoints accept certain codes, which need to be executed for a particular application to access a certain set of company data. For instance, the endpoints handle and authorise connections between an accounting application and a design application within a software design firm. Given the sensitivity and propriety of the data, these endpoints also require robust security standards to ensure that no corporate secrets are given out due to a lack of proper security configurations.

Configuring this security setting is a task that is commonly done by various cybersecurity service providers. Malware like Maggie, however, look for flaws and unpatched bugs within the codes of endpoints on platforms such as Microsoft SQL servers — such breaching such a platform could give them access to a massive number of companies that use these popular IT services.

It is this that Maggie is reportedly charged with doing. The tool offers services such as brute-forcing a breach of admin passwords and installing remote backdoors in IT servers — which hackers can then use at will to breach sensitive company data.

While there is no intel on which companies may be at risk through Maggie, the heat map of which countries are targeted the most by the tool shows India at the very top. Security experts have stated that with an increasing pace of digitisation of businesses, developing markets such as India may rank at the top of the charts for cyber breaches such as Maggie — making security an imperative area to focus on.

Last month, a number of reports revealed the rise of threats to Linux platforms, which also put enterprise infrastructure at risk in India and other markets.