Short Bytes: Proofpoint has uncovered a malware attack that uses the same EternalBlue and DoublePulsar exploits that were used to spread WannaCry. Called Adylkuzz, it’s a cryptocurrency miner that installs itself on a computer and uses your computer’s resources to mine Monero. It’s being claimed that Adylkuzz has infected hundreds of thousands of PCs and servers worldwide. Just like WannaCry, the Adylkuzz miner can be stopped by installing the latest security updates.
Last week, cybercriminals launched the massive-scale WannaCry ransomware attack and locked users’ computers, asking them for money. This attack used NSA’s EternalBlue and DoublePulsar exploits to spread itself over company networks. But this wasn’t the end. The same exploits have also been used to devise another dangerous piece of malware.
Security firm Proofpoint has discovered a large-scale attack which is installing the cryptocurrency miner Adylkuzz. This attack shuts down SMB networking to prevent further infections with other malware like WannaCry. Funnily enough, it might have slowed down the growth of WannaCry.
What happens after your PC is infected by Adylkuzz miner?
After the Adylkuzz miner enters your computer, it installs itself and uses your computer’s resources to mine cryptocurrency. As a result, PC and server performance is degraded. With thousands of computers affected, the combined mining could be very lucrative.
The cryptocurrency being mined by Adylkuzz is Monero. One Monero is worth about $28, and it’s easier to mine than Bitcoin. Proofpoint has found many Monero payment addresses, which have received $7,000, $14,000, and $22,000.
Proofpoint has found that the Adylkuzz attack predates WannaCry and that its victims could be “hundreds of thousands of PCs and servers worldwide.”
How to protect yourself from Adylkuzz? Why isn’t it getting attention?
Just like WannaCry, which attacks older and unpatched Windows PCs, the Adylkuzz miner can be defeated by installing the latest security patches and upgrading to a newer and more secure version.
But if Adylkuzz is so dangerous, why isn’t it getting much attention? Probably because it isn’t locking computers and displaying scary ransom notices.