Did you hear about Wannamine cryptojacking attack? According to reports, hundreds of thousands of devices worldwide are still exposed to this ransomware exploit. How to protect yourself?
17 September, AtoZ Markets – According to a number of online reports, there are nearly a million of computers and networks online that are still exposed to an exploit that enables unknown parties to hijack Windows devices to mine cryptocurrencies.
Experts Warn About Wannamine Cryptojacking Attack
It is understood that the exploits became available for use after a number of sophisticated National Security Agency (NSA) hacking tools were reported missing and published online. Almost a year ago, the tech giant Microsoft has put out patches to address these vulnerabilities. While most of the users have updated their systems, many are still vulnerable, according to reports.
A tool with the name EternalBlue appears to be the central figure of this issue, as it has been utilized for various types of hacks, aside from cryptocurrency mining. Prior to the time when the patch was made, EternalBlue has been used to run ransomware attacks on large networks, which managed to effectively shut down the systems for some of the major businesses.
Hackers have reportedly utilized the EternalBlue tool to inject the WannaCry and NotPetya ransomware strains onto thousands of devices. This has hurt millions of businesses, costing them hundreds of millions of US dollars in damages.
Companies Need to Install Security Patches
These ransomware attacks have also slowed down as a growing number of network patch their systems. The same tools are also being used to exploit an infected computer’s processing power to mine cryptocurrency. This exploit is called “Wannamine.”
One of the recent publications from a startup that provides cyber attack prevention services to the industry participants, Cybereason, has urged the public to download these patches.
The company has written in the blog post:
“Wannamine isn’t a new attack. It leverages the EternalBlue vulnerabilities that were used to wreak havoc around the world almost a year and a half ago. But more than a year later, we’re still seeing organizations severely impacted by attacks based on these exploits.”
According to the company, there is no reason for security analysts to continue managing incidents, in which hackers use the EternalBlue vulnerability. This is due to the fact that “organizations need to install security patches and update [their] machines,” says the company.
Cryptojacking is on the rise
The same cybersecurity company has explained how exactly the exploit works. They stated that Wannamine “penetrates computer systems through an unpatched SMB service and gains code execution with high privileges to then propagate across the network, gaining persistence and arbitrary code execution abilities on as many machines possible.”
In the meantime, McAfee Labs has recently published its quarterly “Threat Report,” where it has announced that the number of cryptojacking cases has risen by 629% in the first quarter of 2018. In addition, 59% of businesses in the UK have experienced cryptojacking attacks at some point.
Think we missed something? Let us know in the comments section below.