Bitcoin
$4,982.59 -11.66%
BTC · 9w

Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

Zack Whittaker @zackwhittaker / 11 hours

It’s been over a year since highly classified exploits built by the National Security Agency were stolen and published online.

One of the tools, dubbed EternalBlue, can covertly break into almost any Windows machine around the world. It didn’t take long for hackers to start using the exploits to run ransomware on thousands of computers, grinding hospitals and businesses to a halt. Two separate attacks in as many months used WannaCry and NotPetya ransomware, which spread like wildfire. Once a single computer in a network was infected, the malware would also target other devices on the network. The recovery was slow and cost companies hundreds of millions in damages.

Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack.

Although WannaCry infections have slowed, hackers are still using the publicly accessible NSA exploits to infect computers to mine cryptocurrency.

Nobody knows that better than one major Fortune 500 multinational, which was hit by a massive WannaMine cryptocurrency mining infection just days ago.

“Our customer is a very large corporation with multiple offices around the world,” said Amit Serper, who heads the security research team at Boston-based Cybereason.

“Once their first machine was hit the malware propagated to more than 1,000 machines in a day,” he said, without naming the company.

Cryptomining attacks have been around for a while. It’s more common for hackers to inject cryptocurrency mining code into vulnerable websites, but the payoffs are low. Some news sites are now installing their own mining code as an alternative to running ads.

But WannaMi...

Continue on techcrunch.com
Recent news
BTC -11.66% · medium.com · 1h

Faketoshi’s Nonsense Signature A lot of people were freaking out about a “Satoshi” signature validating. For those that know enough to check a signature, this signature does appear to validate. But how did this person do it? Does the Tweet actually have a valid signature?

A lot of people were freaking out about a “Satoshi” signature validating. For those that know enough to check a signature, this signature does appear to validate. But how did this person do it? Does…
BTC -11.66% · twitter.com · 2h

Hash war estimated costs are getting ridiculous

Hash war estimated costs live updateIf one assumes the hashrate is leased, we estimate the protagonists have spent $6.7m in leasing fees since the split, generating combined gross losses of $4.6m. It ...
BTC -11.66% · twitter.com · 16h

Exciting times

More goodies coming from nodl/lightning-solutions soon... pic.twitter.com/YdJmblC7cy— nodl (@nodl_it) November 18, 2018