WannaCry cousin uses your computer to mine Bitcoins
WannaCry might have wreaked havoc all over the globe, but it apparently has a cousin that’s been far more effective in earning money for its creators. While looking into the WannaCry attacks, security firm Proofpoint has discovered the existence of another threat called Adylkuzz that also uses NSA’s leaked hacking tools EternalBlue and DoublePulsar that exploit Windows vulnerabilities. Unlike the ransomware that takes over its victims’ computers in an attempt to extort money, Adylkuzz has a much quieter existence. It’s a small program that lurks in your PC, using its resources to mine for a cryptocurrency called Monero.
The security firm found evidence that it’s been in use since May 2nd, though it could have been around as early as April 24th. It flew under everyone’s radar because it’s nowhere near as attention-grabbing as WannaCry, and it doesn’t require people to know how to use Bitcoin. According Proofpoint exec Ryan Kalember, the miner’s creators could’ve already earned over a million from its efforts. Meanwhile, the three Bitcoin wallets connected to WannaCry have only gotten payments equivalent to around $81,000. Proofpoint says that it expects more cyber criminals to use NSA’s leaked tools in the future. If you want to protect your computers, make sure to install patches, keep Windows updated and don’t use unlicensed software.
Via: MIT Technology Review
Source: Proofpoint, Symantec, Reuters