Hackers are distributing the PurpleFox malware through vulnerable MS-SQL servers. The malware conceals itself with a rootkit and installs malicious MSI files using PowerShell commands. The threat actors exploit poorly managed servers and execute PowerShell through sqlservr.exe. The malware can be installed without user intervention and maintains persistence through registry key changes. The PurpleFox malware is executed via the SENS service after a system restart. #cyberattack #cybersecurity
https://cybersecuritynews.com/purplefox-malware-ms-sql-servers/
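
A defender-side check for the behaviour described above (PowerShell, and the MSI installer it launches, running underneath sqlservr.exe), as an added example that is not taken from the linked article. The event field names (modelled on process-creation logging) and all sample events are constructed assumptions.

```python
import ntpath

# Constructed process-creation events; every value here is made up for illustration.
SQL = r"C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe"
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EVENTS = [
    {"pid": 100, "ppid": 4, "image": SQL, "cmd": "sqlservr.exe -sMSSQLSERVER"},
    {"pid": 200, "ppid": 100, "image": PS, "cmd": "powershell.exe <constructed placeholder>"},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\msiexec.exe",
     "cmd": "msiexec.exe <constructed placeholder>"},
    {"pid": 400, "ppid": 50, "image": PS, "cmd": "powershell.exe Get-Service"},
]

# Interpreters and installers that a database engine should not normally spawn.
SUSPECT_CHILDREN = {"powershell.exe", "pwsh.exe", "cmd.exe", "msiexec.exe"}


def base(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path).lower()


def sql_ancestor(event, by_pid):
    """Walk up the parent chain; return the sqlservr.exe ancestor or None."""
    seen = set()
    parent = by_pid.get(event["ppid"])
    while parent and parent["pid"] not in seen:  # 'seen' guards against loops
        if base(parent["image"]) == "sqlservr.exe":
            return parent
        seen.add(parent["pid"])
        parent = by_pid.get(parent["ppid"])
    return None


def detect(events):
    """Flag suspect processes that descend, directly or not, from sqlservr.exe."""
    # Assumption: PIDs are unique within the batch (no PID reuse in the window).
    by_pid = {e["pid"]: e for e in events}
    return [(e["pid"], base(e["image"])) for e in events
            if base(e["image"]) in SUSPECT_CHILDREN and sql_ancestor(e, by_pid)]


if __name__ == "__main__":
    for pid, name in detect(EVENTS):
        print(f"ALERT pid={pid} {name} descends from sqlservr.exe")
```

Walking the whole parent chain matters here because the MSI installer is started by PowerShell, not by sqlservr.exe itself, so a parent-only rule would miss it.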