A relatively new cyberattack sees hackers steal entire databases and demand a Bitcoin ransom from their owners, as per a report today by security publication ZDNet. Over 85,000 accounts have been reportedly affected so far.

SQL—short for Structured Query Language—is a widely-used computer language used to access, manage, and change data on servers or cloud systems. It has been heralded in the developer community for being faster, easier to learn, and highly interactive among various, different datasets.

Such advantages make SQL databases a very popular tool around the world, and also a ripe target for attack. Security analysts suggest these hackers have been active since the start of 2020, with the extent of such attacks increasing in the past months.


The attack sees hackers fraudulently gain access to an SQL database, download all the data, delete the data on the original server, and proceed to leave a ransom note for owners to retrieve their database.

They even leave a time-lock to coerce victims to quickly make payments. “If we don’t receive your payment in the next 9 days, we will sell your database to the highest bidder or use them otherwise,” reads one such ransom note.

An example of the ransom note left on affected SQL databases. Image: Bitcoin Abuse

Initially, the notes directed the victims to the attackers’ email. However, as the attacks grew, the operation was automated (meaning the data released automatically on payment) and made accessible via a website on the dark web.

Hackers are said to demand approximately $550 worth of Bitcoin for each affected database. Exchange rate fluctuations mean the number of Bitcoin demanded may change every day—it can be drastically higher or lower today compared to last week—but security analysts state the actual dollar amount remains the same.

Bitcoin ransom attacks have risen in tandem with the rise of the crypto market this year, with attackers covering a large variety of victims and methods—such as Pakistani electricity firms, Argentinian borders, and even using Dogecoin wallets—to ply their trade and eke out some Bitcoin. And with the use of technology increasing each year, the attacks are only expected to continue.


Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.