More malware is making the rounds — but this time it’s invisible

S1905

There’s another strain of malware infecting computers, but this one you can’t see.

Instead of a red ransom note — the calling card of the massive WannaCry infection — this newly-discovered malware isn’t noticeable, beyond making a computer run more slowly than usual.

Called “Adylkuzz,” the malware leverages the same hole in old Windows software used to spread WannaCry. But this attack operates in the background of computers, installing a “miner” to generate the cryptocurrency called Monero.

Cryptocurrency is digital money, which is generated by computing power — the more power you have, the more currency you’re able to “mine.”

And it makes one aspect of the hacking threat quite clear: Cyberattacks aren’t always flashy ransomware that makes itself known.

The Adylkuzz malware was discovered by the security firm Proofpoint while it was investigating WannaCry, which infected 300,000 machines in 150 countries last weekend. WannaCry spread using a Windows exploit leaked in April (which Microsoft (MSFT, Tech30) released a patch for in March) that believed to belong to the NSA.

“It’s one of the more worrying [threats], because it can definitely go undetected for weeks if not months,” Darien Huss, senior security research engineer for Proofpoint, told CNNTech.

The Adylkuzz malware started infecting computers around May 2, and was found on at least 150,000 machines. It went undetected until this week, Huss added.

Security firm Symantec said Adylkuzz isn’t spreading as widely because Internet providers are proactively blocking it once they’re aware of it. Also, the malware does not have the ability to put itself onto other computers automatically — its creator manually searches for exploitable machines and puts the malware on them.

[Read More]

Add a Comment

Your email address will not be published. Required fields are marked *