Not WannaCry but WannaMine attack: what is it?

There are many exploits that hackers have used over the years. For instance, Rig exploit kit was used by Matrix crypto-malware. EternalBlue is an infamous NSA exploit which played a huge role in one of the biggest cyber attacks of 2017: WannaCry ransomware. Recently researchers have been discussing an intimidating threat, combining the latter NSA exploit and techniques of crypto-mining. Sounds confusing? Let us explain.

WannaMine uses distribution strategies of WannaCry to infect computers with miners

The title WannaMine was not selected randomly. The name derived from the fact that hackers were exploiting strategies of WannaCry distribution in order to spread something completely different from ransomware. Instead of compromising computer devices and its content with crypto-malware, WannaMine is a broad term for all miners that are transmitted via techniques, most commonly known to distribute ransomware viruses.

WannaMine attack

In general, crypto-mining is not considered to be illegal or in any way malicious. However, this statement only applies when miners are installed with users’ consent and knowledge. Nevertheless, hackers have figured out techniques to turn random computers into miners. This method is illegal: crooks secretly inject crypto-miners into browsers and take all of the generated cryptocurrencies for themselves. Victims provide resources for the calculations, but do not receive any money for it.

Security researchers have already detected many malicious crypto-miners: Cloud Packager Miner, Quick Searcher Miner, Soft CoresXMRig and many other variants. They can mine different crypto-currencies like Monero, Bitcoin, Ethereum and etc.

Of course, this unwanted crypto-mining can have a lot of repercussions for users. For instance, there have been reports when computers, infected with miners, used more electricity than usual. Also, computer batteries could reach their limits much faster. People that have battled crypto-miners have also reported that their operating systems were not as efficient, programs took longer to launch and they occasionally experienced freezes or crashes.

Prevent WannaMine attacks with these simple steps

WannaMiner viruses will do exactly that: they will slither into Windows operating systems and transform these devices into obedient miners. This will be done without users’ approval, and most of them won’t be aware of these secretive processes, taking place right under their nose. Users should take caution when they notice OSs acting strange. It does not take long to determine whether a crypto-miner is influencing your computer.

First of all, open your Windows Task Manager and look at the percentage of exploited CPU resources. If the number is approximately 90%, then something is definitely hiding in your device. If everything seems normal, it is essential to protect your resources from being maliciously exploited by hackers.

You can protect your computer device with certain anti-malware tools or AdBlockers, capable of blocking crypto-miners. In addition to this, there is a way to prevent WannaMine attacks from taking place. Since it exploits EternalBlue exploit, all you have to do is use the Microsoft update which fixes it. This should also serve as a fair reminder: always patch your software on every available opportunity. Of course, we are not referring to program updates offered in random pop-ups.


Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Security Guides

Recent Comments