18 May, 2017
As the world reels from the WannaCry ransomware attack, it’s now
emerged that a second, potentially larger attack, is already under way.
It seems the widespread proliferation of military-grade cyberweapons
has ushered in a new era of digital crime.
Cyber
bandits have again deployed both the EternalBlue and DoublePulsar
exploits developed and used by the NSA which were released by the
ShadowBrokers hackers back in April.
“Initial statistics
suggest that this attack may be larger in scale than WannaCry, affecting
hundreds of thousands of PCs and servers worldwide: because this attack
shuts down SMB networking to prevent further infections with other
malware (including the WannaCry worm) via that same vulnerability, it
may have in fact limited the spread of last week's WannaCry infection,” wrote a security researcher
who goes by the alias Kafeine at cybersecurity company Proofpoint.
This
latest attack uses the two exploits to install the cryptocurrency miner
Adylkuzz over corporate Local Area and wireless networks but, rather
curiously, may actually have helped slow the spread of WannaCry.
However, in an apparent case of “picking your poison,”
the Adylkuzz miner dramatically slows PC and server performance as it
extracts cryptocurrency but it does not lock users out of their machines
and data, as WannaCry did. More
No comments:
Post a Comment