.png)
Following the global outbreak of the WannaCry ransomware, security researchers at Proofpoint have discovered another attack that focussed on cryptocurrency mining.
Attackers used the EternalBlue and DoublePulsar hacking tools to install the cryptocurrency miner Adylkuzz in vulnerable machines.
“Initial statistics suggest that this attack may be larger in scale than WannaCry, affecting hundreds of thousands of PCs and servers worldwide,” said Proofpoint.
“Because this attack shuts down SMB networking to prevent further infections with other malware via that same vulnerability, including the WannaCry worm, it may have in fact limited the spread of last week’s WannaCry infection.”
In April, the Shadow Brokers leaked several cyber weapons online after reportedly hacking the NSA’s Equation Group. EternalBlue was among the weapons.
EternalBlue could compromise all versions of Windows through a networking bug in SMBv1.
Proofpoint executive Ryan Kalember said the authors of the Adylkuzz attack may have made more than a million dollars.
Follow me @cronwill and i will follow you back...