Adylkuzz Malware Is Lurking in the Background, Waiting to Strike

At the beginning of May, a colossal ransomware attack stormed the online community in the form of the WannaCry virus. Linked to this cyber-attack was the EternalBlue exploit, which effectively circulated the virus across corporate LANs and wireless networks.

Just recently, another substantial cyber-attack was discovered that, once again, uses the EternalBlue exploit. The DoublePulsar exploit was also connected to the malware, labeled “Adylkuzz”. This virus has the ability to shut down SMB networking, meaning any other malware or cyber-attack threatening the machine will be cancelled out.

A blogger at CNET explains the mechanisms of the virus:

“The virus hides in the background, so most victims wouldn’t even know they’ve been hacked. The symptoms include slowed down performance in PCs and loss of access to certain Windows resources. In one case, a hacker made up to $22,000 before the mining bot was booted.”

Even worse, Adylkuzz is also a cryptocurrency mining virus. After its installation, the virus executes a series of commands that mine the cryptocurrency and send it to the attacker. While cryptocurrency mining is legal when done voluntarily, the Adylkuzz virus is…obviously not legal. Instead of the victims generating an income when verifying and validating transactions, the cryptocurrency is rerouted to the attacker’s account.

Panda Security writes on their view of the Adylkuzz virus:

“What Adylkuzz does is turn the computers it infects into part of the Blockchain network, using most of their memory resources for the mining process, without users realizing. However, Adylkuzz prevents the owners of the compromised computers from earning any cyber-cash, sending it instead to the malware writers.”

At the rate Adylkuzz is spreading, it won’t be long before it surpasses WannaCry as the biggest cyber-attack in history. The leading problem with this infection is its ability to go undetected. While WannaCry was aggressive and alarming, Adylkuzz is silent and deadly. The online community needs to be extra aware in the upcoming months, especially if they participate in cryptocurrency mining.
