Ransomware
Trigona
First seen: 2022-10 • Status: active
Currently Active Threat
Trigona ransomware breaks in through database servers. If your SQL Server is exposed to the internet, you are at risk.
Overview
Trigona is a ransomware operation that emerged in late 2022. It exploits vulnerable Microsoft SQL servers for initial access.
How It Spreads
- • MS-SQL exploitation
- • Brute force attacks
What It Does
- • File encryption
- • Database targeting
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor SQL Server security
- • Watch for brute force attempts
MITRE ATT&CK Techniques
T1486, T1110, T1505
If You're Infected
- 1.
Secure SQL Server immediately
- 2.
Audit database access
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required