As predicted, the global ransomware outbreak was a harbinger of similar attacks.
A more discreet invader, “Adylkuzz,” exploits the same vulnerabilities as the recent WannaCry outbreak, but affects more systems and is harder to detect. Adylkuzz malware does not demand a ransom, but can severely slow down hijacked computer systems and servers.
What is “cryptocurrency mining”?
“Adylkuzz” is a Trojan virus that steals the processing power of invaded systems to validate the cryptocurrency Monero in a process known as “cryptocurrency mining.”
Cryptocurrencies such as Monero are described as digital or virtual money generated independently of banks. They are based on encryption technology, which keeps data secure and prevents it from being altered, and on blockchain technology, which is used to verify transactions made on shared networks.
To ensure that cryptocurrency is valid, “miners” validate the calculations. This takes an enormous amount of computer processing power, so cryptocurrencies compensate miners for validating the currency. Cybercriminals use Adylkuzz to infect computer systems and use their processing capacity to earn money.
Thousands of computers have been attacked
Although it is legal to generate cryptocurrency voluntarily, the Adylkuzz malware infects a computer system without the owner’s knowledge and can severely slow down the performance of hijacked computers and servers.
Adylkuzz has infected hundreds of thousands of machines and predates WannaCry ransomware by weeks, according to information technology security provider Proofpoint.
Adylkuzz is harder to detect and identify
The Adylkuzz virus and WannaCry ransomware both take advantage of unpatched and bootlegged Windows operating systems, but the Adylkuzz malware is more subtle and difficult to detect.
A ransomware attack is obvious — the computer user is confronted with a screen that announces the data is being held hostage for payment. Computers infected with Adylkuzz experience a degradation of PC and server performance and the loss of access to shared Windows resources.
The operator of the targeted computer might notice the slowdown, but not suspect a cyber attack. All the while, the computer system resources are actually mining for Monero on behalf of cybercriminals.
The cryptocurrency of choice for cybercriminals
The Monero cryptocurrency is similar to the better-known Bitcoin cryptocurrency in that it uses an open ledger system, but Monero is considered to be more secure and, more importantly, more confidential. As a result, Monero has become the cryptocurrency of choice among cybercriminals and on the dark web, driving its price up more than three thousand percent in the past year.
Windows 10 is not affected by either Adylkuzz or WannaCry, but other versions of the operating system must be updated immediately with the latest security patch.
Depending on the type of antivirus software you are running, you should consult instructions on the product’s website. You may need to reinstall operating system files or the system itself.
Five tips to help protect your computer system
Hackers are constantly probing for system vulnerabilities and creating new viruses, so it’s always best to update all computer operating systems regularly to help prevent cyber attacks and infections. Here are five tips to help protect your computer system:
- Use a firewall. Configure it to block unnecessary incoming traffic.
- Train employees and reinforce the training periodically. Employees should be directed to refrain from clicking links in emails and to confirm the sender actually sent an attachment before opening it. Even if the email appears to be from a trusted source, employees should copy and paste links into a browser to see what the link is before attempting to navigate to the web page.
- Use complex passwords that cannot be easily guessed.
- Need-to-know/right-to-know. When it comes to non-public information, computer users should have access only to the data and programs that they have a genuine need and right to know.
- Turn off unnecessary services such as autoplay, file sharing, games, apps or programs (do a web search first to make sure you are not uninstalling something important).
© 2017 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable coverage form.