Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit

16 May 2017

A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks. According to Kafeine, a security researcher at Proofpoint, another group of cyber criminals was using the same EternalBlue exploit, created by the NSA and dumped last month by the Shadow Brokers, to infect hundreds of thousands of computers worldwide with a cryptocurrency mining malware called ‘Adylkuzz.’ This malicious campaign went unnoticed for weeks because unlike WannaCry, this malware does not install ransomware or notify victims, but instead, it quietly infects unpatched computers with malware that only mine ‘Monero,’ a Bitcoin-like cryptocurrency.

Read full news article on The Hacker News

Date:

16 May 2017

Categorie(s):

NEWS

Tag(s):

Cryptocurrency, Microsoft, OS, SMB, WannaCry, Windows

Boost Your Digital Security with a Reliable File Checker Tool22 October 2024
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability22 October 2024
Winnebago Public Schools Suffers Cyber Attack, Services Shut Down22 October 2024
Pixel perfect Ghostpulse malware loader hides inside PNG image files22 October 2024
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack22 October 2024