Another large-scale, stealthy cyberattack is underway on a scale that could dwarf last week’s assault on computers worldwide, a global cybersecurity firm told AFP on Wednesday.
Following the detection of the WannaCry cyberattack on Friday, researchers at Proofpoint discovered a new cyberattack linked to WannaCry called Adylkuzz, said Nicolas Godier, a researcher at the computer security firm.
- It uses the hacking tools recently disclosed by the NSA and which have been fixed by Microsoft more stealthy manner and for different purpose.
- Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to “mine” in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.
Proofpoint said in a blog that symptoms of the cyberattack include loss of access to shared Windows.
resources and degradation of PC and server performance effects which some users may not notice immediately.
- “As it is silent and doesn’t trouble the user, the Adylkuzz cyberattack is much more profitable for the cyberattack criminals.
- It transforms the infected users into unwitting financial supporters of their cyberattackers,” said Godier.
- it has detected infected machines that have transferred several thousand dollars worth of Monero to the creators of the virus.
- The firm Adylkuzz has been on the loose April 24th but due to its stealthy nature was not immediately detected.
A US official on Tuesday put the number of computers infected by WannaCry at over 300,000.
- More cyberattack could be soon underway as the hacker group TheShadowBrokers.
- That leaked the vulnerabilities used by WannaCry and Adylkuzz has threatened to publish more.
“compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programmes”.
Source by: Dawn, May 18th, 2017