Communications of the ACM
Cryptocurrency Mining Malware ses Leaked NSA Exploits to Spread Across Enterprise Networks
Researchers at Symantec warn malware is being used to infiltrate corporate networks and hijack computers into running mining code to produce cryptocurrency.
Credit: Getty Images
Symantec researchers warn that malware is being used to infiltrate corporate networks and hijack computers into running mining code to produce cryptocurrency.
Symantec's Alan Neville said the "Beapy" malware was first detected in January, but has ballooned to more than 12,000 unique infections across 732 organizations since March.
Beapy gains access via a malicious email opened by a corporate employee, which drops the NSA-developed DoublePulsar malware to install a persistent backdoor on the infected system. A lateral network infection is then orchestrated with NSA's EternalBlue exploit.
Once the backdoor is entrenched, Beapy is pulled from the hacker's command and control server to penetrate each computer with the mining software.
From TechCrunch
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA
No entries found