back to article Cryptocurrency miner found armed with same exploits as WannaCrypt

The now infamous Windows vulnerability (MS17-010) exploited by the WannaCrypt ransomware has also been abused to spread another type of malware, specifically a cryptocurrency miner. The Adylkuzz campaign predates WannaCry by severals day and may even have limited the spread of last week’s WannaCry infection, according to …

  1. joeldillon

    That has to be the best 'hacker' stock art yet. I know if I went down to our datacentre right now and saw someone with shades, a hoodie pulled over his head and that expression on his face (with or without mysterious pink lines coming out of his laptop) I'd call security!

    (though I don't see an ethernet or RS232 cable, so why does he need to get in there? It's not like your average datacentre has WiFi you know)

    1. Alistair
      Windows

      @joelD

      /agree

      and he needs to be there because the real thing. Green Screen is just such obvious 'shop!

      1. Anonymous Coward
        Anonymous Coward

        "Green Screen is just such obvious 'shop!"

        Those are just the Image Translators displaying the Construct Program, but there's way too much information for that kid to see the Matrix. All he sees are blonds, brunettes, redheads, and all Carl's Jr. locations within a 50 mile radius, plus a coupon for a free shake.

        The real data center is inside the Matrix and is guarded by Agents, Cyber Guard Dogs with high-tech collars that let them talk, and that creepy spoon kid.

    2. Anonymous Coward
      Anonymous Coward

      Of course he had to go inside, how else was he going to plug in the magic USB spy dongle?

    3. fidodogbreath Silver badge

      I know if I went down to our datacentre right now and saw someone with shades, a hoodie pulled over his head and that expression on his face [...] I'd call security!

      A real spy would try to blend in: pasty fluorescent-light complexion; ill-fitting, clay-colored pleated chinos with last year's model Samsung phone on a belt clip (rooted, of course); un-ironed white shirt with bits of Cheeto dust on the cuffs; and a desultory tie from the sale rack (but only if required by the dress code).

  2. Peter 26

    They can update their malware now to install the hotfix thanks to Microsoft releasing it instead of disabling file sharing. :)

  3. Anonymous Coward
    Anonymous Coward

    Here's a thought

    Maybe the NHS should "buy" a tranche of Adylkuzz, and run their own PC estate as a crypto-currency mining asset, doing some code adjustments to run it as a lower priority process to avoid conflicting with the day job. They could make them some money, and block Wcrypt.

    Heck, maybe they'd make enough money to stop robbing us blind for car parking.

  4. Mr Miser
    Flame

    Notice Heat and battery too

    Does the mining use GPU? I would think most of the computers with an SMB vulnerability would not have GPUs worth exploiting. Because mining doesn't use much memory, if it is run on low priority on the CPU, you wont notice a slowdown. If you mine on the GPU, there will be noticeable latency.

    If the mining was limited to running on CPU while plugged in, the only thing most users could notice would be extra heat and fan revving. Eventually the victim might notice a higher electric bill

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021