June 23, 2017

New cyber attack underway

19 May 2017, 09:22 | Melvin Schneider

Daily payment activity tied to a single Adylkuzz mining address tied to the attack campaign

The now infamous Windows vulnerability (MS17-010) exploited by the WannaCrypt ransomware has also been abused to spread another type of malware, specifically a cryptocurrency miner.

No one knows the attackers behind this attack, but Kalember stated that the "North Korean-backed Lazarus Group - the same hacker group linked to the WannaCry attacks - launched a similar cryptocurrency mining attack in late 2016".

The process of mining uses the computer's resources - its processor and/or graphics card - to perform complex computations, which in turn "creates" new Monero coins.

This is according to a report by security company Proofpoint, which has discovered the "very large-scale" attack that, instead of encrypting user data and asking for ransom, silently installs a cryptocurrency miner on the victims' computers.

Usually, a single computer at home or in the office might not be powerful enough to mine cryptocurrency due to the limited computing power available.

To draw a parallel, Modi said, only 21 million Bitcoins can ever be mined, of which 16 million have already been mined.

When Adylkuzz is running, the processor is used at maximum capacity, so other applications will show errors. They are said to "mine" for the currency and are occasionally rewarded with a piece of it.

If you think the global panic over the WannaCry ransomware is over, think again.

To achieve this, the hackers find a vulnerability in one of the servers in the targeted organisation or infect a website which employees of the targeted organisation often visit. "They would download additional malware to interact with SWIFT software and would try to drain the organisation's accounts", Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told IANS.

"Currently tens of thousands of computers worldwide are affected as part of this worldwide attack, and it's rapidly growing".

The world is yet to overcome the shock of the "WannaCry" ransomware attack which wreaked havoc in 150 countries and here comes another threat - the Adylkuzz Cryptocurrency Mining Malware.

"Indications are that the crooks behind Adylkuzz have generated a lot more money than the WannaCrypt ransomware fiends", the report noted.

Virtual currencies such as Monero and Bitcoin use the computers of volunteers to record transactions.

"Cybercriminals intrigued by the currency's promises of greater anonymity are using it more often on black markets," it said.

Organisations should never conclude that the absence of a major cyber-attack means that they have effective cyber defences.

The good news is that Microsoft released an update in March that fixes this flaw, so it is CRITICAL that you keep Windows up to date.

"When deploying specialised software for money processing follow recommendations and best security practices from your software vendor and security professionals", Halde added. "And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today - nation-state action and organized criminal action".
