Topic: Cryptocurrency Mining Malware Spreading for Weeks via Same Backdoor As WannaCry


Gilbert
Cryptocurrency Mining Malware Spreading for Weeks via Same Backdoor As WannaCry
16 May 2017, 10:30 am

The same attack kit used in the WannaCry global spread was also used in another attack last month that may have been even larger in size. 

According to Proofpoint's security researcher Kafeine, the attack used the same exploit codenamed EternalBlue, as well as a backdoor called DoublePulsar, both of which were included in those NSA files dumped by Shadow Brokers. Instead of installing ransomware, the campaign was pushing cryptocurrency mining software known as Adylkuzz WannaCry. 

By their estimates, the attack started sometime between April 24 and May 2. Much like the WannaCry ransomware, the campaign was quite efficient at compromising computers that have yet to install the Microsoft updates released back in March to patch the vulnerabilities. 

"In the course of researching the WannaCry campaign, we exposed a lab ... (read more)

Source: Softpedia News / Security
