Researchers found yet another Cyberattack using NSA hacking tools

Published by root on

Researchers found yet another Cyberattack using NSA hacking tools

Cybersecurity researchers have identified a second ongoing global cyber attack that has quietly hijacked hundreds of thousands of computers around the world, including many in the United States, for a massive cryptocurrency mining operation.

While investigating the WannaCry ransomware attacks, researchers at the cyber security firm Proofpoint stumbled upon another “less noisy” form of malware called Adylkuzz that, the firm says, has likely generated millions of dollars in cryptocurrency for the unknown attackers.

According to Ryan Kalember, the senior vice president for cybersecurity at Proofpoint, the attack employed the same hacking tools developed by the U.S. National Security Agency (NSA) and leaked to the public by the hacker group Shadow Brokers in April to exploit vulnerabilities in the Microsoft Windows operating system.

“I would say the real-world impact of this attack is going to be more substantial than WannaCry,” Kalember told ABC News. “Ransomware is painful, but you can restore operations relatively quickly. Here, you have a huge amount of money landing in some bad people’s hands. That has geopolitical consequences.”

The firm is still working to establish attribution for the attacks, but Kalember pointed out that North Korean-backed Lazarus Group – the same hacker group linked to the WannaCry attacks – launched a similar cryptocurrency mining attack in late 2016.

Microsoft released a pair of patches to address the vulnerability exploited by both WannaCry and Adylkuzz, but the firm says computers that adopted those patches after being infected would remain compromised, and networks that have not adopted those patches would remain exposed.

Proofpoint identified Adylkuzz attacks dating back to May 2, which would predate the WannaCry attacks, making Adylkuzz the first known widespread use of the leaked NSA hacking tools. It remained undetected for so long, Kalember says, because its impact on users is far less noticeable than ransomware.

“It takes over your computer, but you probably don’t notice anything other than that the system runs really slow,” Kalember said. “Your computer might be mining cryptocurrency for some very bad people.”

Loading

Categories: News
Tags:

Related Posts

News

Hackers bypassed Galaxy S10 ultrasonic biometric fingerprint scanner

There are security vulnerabilities in the Samsung Galaxy S10 ultrasonic biometric fingerprint scanner, and hackers can use the 3D printed fingerprint of the mobile phone user to pass the verification. The Samsung S10 and S10+ use ultrasonic Read more…

News

1Password Will Give You $100,000 If You Can Crack Its Vault

AgileBits, the developer behind 1password is ready to pay you a bug bounty of $100,000 if you can break into their vault nd obtain a plain text file of “bad poetry.” Earlier, a “capture the Read more…

News

Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry

Watch out, readers! It is ransomware, another WannaCry, another wide-spread attack. The WannaCry ransomware is not dead yet and another large scale ransomware attack is making chaos worldwide, shutting down computers at corporates, power supplies, Read more…