Another cyber attack was launched Wednesday night that could dwarf the cyber assault on computers worldwide last week.
This new attack targets the same weaknesses that the “WannaCry” ransomware worm exploited. But instead of freezing files, it uses the hacked computers to try and steal “virtual currency” like BitCoins.
Research have discovered a new attacked linked to the “WannaCry” program called “Adylkuzz” that uses similar hacking tools, Yahoo! News reports.
Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to “mine” in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.
Virtual currencies such as Monero and Bitcoin use the computers of volunteers to record transactions. They are said to “mine” for the currency and are occasionally rewarded with a piece of it.
Symptoms of the attack include loss of Windows applications and reduced PC performance. The problem is that these symptoms can take time to manifest and are not unique to all computers.
“As it is silent and doesn’t trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers,” said Nicolas Godier, a researcher at the computer security firm Proofpoint.
The firm said they have detected infections that have already transferred thousands of dollars worth of the virtual currency “Monero” to the virus creators.
The firm believes Adylkuzz has been on the loose since at least May 2, and perhaps even since April 24, but due to its stealthy nature was not immediately detected.
“We don’t know how big it is” but “it’s much bigger than WannaCry”, Proofpoint’s vice president for email products, Robert Holmes, told AFP.
A US official on Tuesday put the number of computers infected by WannaCry at over 300,000.
“We have seen that before — malwares mining cryptocurrency — but not this scale,” said Holmes.