Adylkuzz hack, called larger than WannaCry, slows computers across the globe

Many computers and servers around the world whose owners believed they were operating slowly on Friday because of the WannaCry ransomware attack, were actually victims of another insidious hack, according to the security company Proofpoint. It says the computers were infected with malware called Adylkuzz which turned them into an unwitting army of computer “miners” working to create and funnel large sums of digital currency, likely destined for dark web markets.

The California-based security company says this malware took advantage of the same National Security Agency-developed tools that drove Friday’s unprecedented WannaCry ransomware attack, possibly causing more damage.

WannaCry leveraged exploits stolen from the NSA to lock the computer systems of hundreds of thousands of companies, ranging from hospitals to car manufacturers, and hold their data for ransom. Adylkuzz uses the same exploits to install malware on computers, but instead of locking them, it operates in the background, stealing computer power (and slowing the device) while “mining” for the virtual currency Monero.

Ryan Kalember, the senior vice president of cybersecurity strategy at Proofpoint, said many people impacted by Adylkuzz may not notice the toll it’s taking on their computers immediately. Virtual currencies — such as Bitcoin, the most well-known — are “mined” by computers and servers, typically with the owner’s knowledge. In this case, computers around the world are being forced to “mine” for Monero, which is most known for its ability to protect anonymity. Monero is the currency of choice on AlphaBay, a dark web market trafficking in drugs, stolen credit card information and other illicit goods.

“It’s throwing massive computational power at it, so it’s using those computers to create hundreds of thousands, if not millions of dollars worth of dark web currency,” Kalember said. “They’re basically making a bunch of dark money for some very bad people.”

Kalember said Proofpoint has…

Full article from the Source…

Back to Top