WannaMine: Cryptocurrency Mining Malware On The Rise
Well, we must admit that ransomware attacks are one of the growing threats when it comes to the security and privacy of computers. Last year, we saw the malicious software WanaCryptor 2.0 used to carry out one of the biggest ransomware attacks of its kind.
Recently, the security researchers at Panda Security claimed that in October 2017 they found cryptojacking malware fueled by the NSA’s EternalBlue exploit. However, the latest malware comes with a twist.
As we know, hackers are trying different methods to mine cryptocurrency using victims’ CPU power, and the latest malware, known as WannaMine, hijacks the victim’s CPU cycles to mine Monero.
Another security firm, CrowdStrike, claims to have observed an increase in the number of WannaMine infections in the last couple of months. The malware is so powerful that it has crippled the operations of some companies for days and even weeks.
WannaMine actually uses Windows Management Instrumentation (WMI) and PowerShell to run the script that quietly mines Monero, and it doesn’t download or use any file to infect a system. So, you can say that the malware operates filelessly, which makes it very difficult to detect and stop.
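A defender's view of the WMI-plus-PowerShell behaviour described above, as an added example that is not part of the original article and not taken from Panda Security or CrowdStrike: a small hunt over process-creation events for PowerShell that was started by the WMI provider host or launched with encoded, hidden, profile-less switches and no script file. The event tuples, host names and the three-reason threshold are assumptions made for illustration.

```python
import re

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
WMI = r"C:\Windows\System32\wbem\WmiPrvSE.exe"

# Constructed sample data: (host, ParentImage, Image, CommandLine), fields that a
# Sysmon Event ID 1 (process creation) record carries. None of it is real telemetry.
SAMPLE_EVENTS = [
    ("ws-014", WMI, PS, "powershell.exe -NoP -NonI -W Hidden -E <base64-placeholder>"),
    ("ws-022", r"C:\Windows\explorer.exe", PS, r"powershell.exe -File C:\Scripts\inventory.ps1"),
    ("srv-03", WMI, r"C:\Windows\System32\cmd.exe", "cmd.exe /c ipconfig /all"),
    ("ws-031", r"C:\Windows\System32\services.exe", PS, "powershell -nop -w hidden -enc <base64-placeholder>"),
]

IS_POWERSHELL = re.compile(r"\\(?:powershell|pwsh)\.exe$", re.I)
IS_WMI_HOST = re.compile(r"\\wmiprvse\.exe$", re.I)
HAS_SCRIPT_FILE = re.compile(r"\.ps1\b|\s-f[a-z]*\s", re.I)
# powershell.exe accepts abbreviated parameter names, so match the short forms too.
INDICATORS = {
    "encoded_command": re.compile(r"\s-(?:e|ec|en[a-z]*)\s", re.I),
    "hidden_window": re.compile(r"\s-w[a-z]*\s+hidden\b", re.I),
    "no_profile": re.compile(r"\s-nop[a-z]*\s", re.I),
}

def assess(event):
    """Return the reasons one process-creation event looks like scriptless PowerShell."""
    _host, parent, image, cmd = event
    if not IS_POWERSHELL.search(image):
        return []
    cmd += " "  # lets the \s-terminated patterns match a trailing switch
    reasons = [name for name, rx in INDICATORS.items() if rx.search(cmd)]
    if IS_WMI_HOST.search(parent):
        reasons.insert(0, "spawned_by_wmi")
    # Heuristic only: the command line names no script file, so the code is inline.
    if reasons and not HAS_SCRIPT_FILE.search(cmd):
        reasons.append("no_script_file_argument")
    return reasons

def hunt(events, threshold=3):
    """Map host -> reasons for every event with at least `threshold` reasons."""
    hits = {}
    for event in events:
        reasons = assess(event)
        if len(reasons) >= threshold:
            hits[event[0]] = reasons
    return hits

if __name__ == "__main__":
    for host, reasons in hunt(SAMPLE_EVENTS).items():
        print(host, ", ".join(reasons))
```

The same switches appear in legitimate administration tooling, so hits are leads for triage rather than verdicts.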
To spread itself within the network, the malware uses some advanced techniques. First, it uses the Mimikatz tool to extract the login credentials of a system, and if that fails, it uses the popular EternalBlue exploit to attack the remote system.
Well, to trap the victims, hackers are spreading the WannaMine malware via a malicious link in an email or on a website. After infecting the machine, the hacker can initiate a remote access attack on the target.
According to reports from CrowdStrike, WannaMine is different from the WannaCry ransomware: it doesn’t lock people out of their computers, because they are already producing digital money.