The Largest Security-Cleared Career Network for Defense and Intelligence Jobs - JOIN NOW

Homeland Security

Iran Press TV

'WannaCry' may be dwarfed by new, mega-scale cyberattack, experts warn

Iran Press TV

Wed May 17, 2017 3:29PM

Cybersecurity experts have warned that "WannaCry," the ransomware that affected computers worldwide, will probably be dwarfed by a new, mega-scale cyberattack.

Nicolas Godier, a researcher at Proofpoint, a global cybersecurity firm, said on Wednesday that the new attack, called Adylkuzz, would infect machines to mine virtual currency although it would target the same vulnerabilities that were used by WannaCry, which affected computers in at least 150 countries after it was launched last Friday.

"It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a stealthier manner and for a different purpose," Godier said.

He added that the virtual currency that is sought in the background task is Monero, a currency like Bitcoin, which hackers used in the recent attack to extort the victims.

The expert said the money created through this massive attack would be transferred to the authors of the virus.

Those "mining" for the digital currency use computers of volunteers for recording transactions. The miners are then rewarded occasionally with a piece of currency.

Experts say infected users may not immediately notice the effects of Adylkuzz on their computers, which includes loss of access to shared Windows resources and degradation of PC and server performance.

WannaCry shut down services in many countries, including Britain, where hospitals and health centers run by the National Health Service were hugely affected. It demanded to receive money from the users to unlock their files.

Godier said Adylkuzz could benefit hackers more as the victims are not directly targeted and could be exploited more extensively.

"As it is silent and doesn't trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers," he said.

Adylkuzz is believed to have begun since early May and even before in late April.

Robert Holmes, Proofpoint's vice president for email products, said Adylkuzz could be "much bigger than WannaCry."

"We have seen that before, malwares mining cryptocurrency, but not this scale," Holmes said.

Join the mailing list