WannaCry ransomware has caused severe damage worldwide. Tens of thousands of companies, educational institutes, and government organizations have been crippled and cannot operate properly without paying the ransom.
This cyberattack spread through the Windows Server Message Block (SMB) protocol by using an exploit, EternalBlue, released by the notorious hacking group The Shadow Brokers.
While the damage from WannaCry is still being felt, security experts have discovered that another massive attack is underway. Adylkuzz malware, equipped with the same exploit, was unleashed to infect enormous numbers of unpatched machines.
This time it is coming after your computing power.
Same vulnerability. New malware. Same trick, but larger harm
The Adylkuzz malware infects a PC by the same means as WannaCry, but the little brother came up with a different “Business Model.”
While the WannaCry ransomware asks the victims to pay a ransom in exchange for the decryption key to unlock files and take back control of their PCs, the Adylkuzz malware secretly runs in the background and silently enslaves the compromised PCs to mine Monero, an untraceable digital currency with monetary value in the real world.
The way to earn the Monero currency is similar to Bitcoin mining, which requires heavy computing power. Although a single machine contributes only a little to the mining, with great quantities of infected machines cybercriminals can still generate a huge amount of Monero. Therefore, perpetrators leverage the Adylkuzz malware to infect as many PCs as possible to mine the cryptocurrency. Cybersecurity experts warn that the Adylkuzz malware has been spreading since April and has already affected hundreds of thousands of PCs and servers across the world. This cyberattack is still ongoing and may be larger in scale than WannaCry.
How to stay safe? Again, Patch now!
Once infected by Adylkuzz, a PC runs slowly because the malware consumes a large share of CPU to mine the digital currency. Since WannaCry and Adylkuzz are both equipped with the same EternalBlue exploit, the key to staying safe from these attacks is to keep your Windows systems updated.
Microsoft released a security patch to fix the vulnerability two months ago. However, many people still have not installed the security update, exposing themselves to potential cyberattacks.
If you haven’t updated your PC, do it NOW and do it regularly. Also, we strongly recommend using 360 NSA Cyber Weapons Defense Tool to check if your computer is fully patched to shield against exploits from NSA hacking tools.
You don’t have to expose yourself to risks, especially when these risks can be avoided in advance with a simple action.