Skip to Content

Another huge cyber attack is underway

Another huge cyberattack is underway after last week's assault on computers worldwide, according to a global cybersecurity firm, suggesting military-grade cyberweapons are now being deployed for cyber crime.

Published: May 18, 2017, 11:21 am

    Cyber bandits used EternalBlue and DoublePulsar, developed by the NSA and released by the ShadowBrokers hackers back in April. The attackers used both these exploits to install the cryptocurrency miner Adylkuzz.

    “We don’t know how big it is” but “it’s much bigger than WannaCry”, Proofpoint’s vice president for email products, Robert Holmes, told AFP on Wednesday.

    The WannaCry cyberattack paralyzed computer systems worldwide. In Freiburg, Germany, a passenger told FWM, that all electronic noticeboards were down and transport interrupted. Not only Deutsche Bahn rail network were among those hit, but also Britain’s National Health Service, US package delivery giant FedEx and Spanish telecoms giant Telefonica.

    US officials on Tuesday put the number of computers infected by WannaCry at over 300 000. Despite a quick breakthrough that caused WannaCry to be slowed down, researchers don’t yet fully understand it.

    “The problem is that we’re still not certain about the origin of the infections” because it wasn’t via emails which deceive users into installing the virus, an expert told AFP on condition of anonymity.

    The latest attack targets the same vulnerabilities as the WannaCry ransomware, but uses the hundreds of thousands of computers believed to have been infected to mine virtual currency.

    Researchers at Proofpoint have discovered Adylkuzz, said Nicolas Godier, a researcher at the computer security firm. “It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a more stealthy manner and for a different purpose,” he said.

    Virtual currencies such as Monero and Bitcoin make use of volunteers computers to record transactions.

    According to Proofpoint the attack include loss of access to shared Windows resources and degradation of PC and server performance. “As it is silent and doesn’t trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers,” said Godier.

    Adylkuzz may have been infecting computers since at least May 2, and perhaps even since April 24, but due to its stealthy nature was not immediately detected.

    Shadow Broker hackers also released a data dump allegedly stolen from the NSA that details the agency’s ability to hack international banks, as well as the SWIFT network, via Windows PCs and servers used in global financial transfers.

    Dubbed ‘Lost in Translation,’ the hack lists Qatar First Investment Bank, Dubai Gold and Commodities Exchange and Tadhamon International Islamic Bank as allegedly compromised.

    One of the world’s most secure methods of making payment orders has been compromised as the hacking tools are now freely available online.

    Adylkuzz initially prevents cybersecurity professionals from identifying that there is a problem.

    While the term cryptocurrency is typically associated with Bitcoin, Adylkuzz actually mines Monero, a similar but more heavily encrypted digital currency. Monero became popular after it was adopted in the AlphaBay market on the Dark Web. One monero is roughly equivalent to $27 at current exchange rates.

    The attackers regularly changes the online payment address to avoid attracting attention.

    As in the case of the WannaCry attack, hackers used the NSA’s weaponized tools of Microsoft operating systems to infect hundreds of thousands of machines worldwide with malware, and many more are expected in the future.

    Keep ​your language polite​. Readers from many different countries visit and contribute to Free West Media and we must therefore obey the rules in​,​ for example​, ​Germany. Illegal content will be deleted.

    If you have been approved to post comments without preview from FWM, you are responsible for violation​s​ of​ any​ law. This means that FWM may be forced to cooperate with authorities in a possible crime investigation.

    If your comments are subject to preview ​by FWM, please be patient. We continually review comments but depending on the time of day it can take up to several hours before your comment is reviewed.

    We reserve the right to del​ete​ comments that are offensive, contain slander or foul language, or are irrelevant to the discussion.

    Americas

    Trump advisor Bolton coordinated US strike on Syria with Israel

    WashingtonIsraeli media reported that John Bolton spoke with his Israeli counterpart, Meir Ben Shabbat, to coordinate the US-led attack on Syria early on Saturday morning.

    Trump vows to bomb Syria – Russia threatens retaliation

    In a tweet today, United States President Donald Trump said that Russia vows to shoot down missiles targeting Syria and comments: “Get ready Russia, because they will be coming”. Military experts now talk about a situation more explosive than the Cuban Crisis of 1962. The geopolitical analyst Manuel Ochsenreiter tells FWM that the harsh rhetoric in any case has destroyed the diplomatic mechanisms that helped prevent escalation during the Cold War.

    Trump calls Black Caucus member ‘low-IQ individual’

    President Trump has described a Congressional Black Caucus member as a "low-IQ individual". The US president spoke at a campaign rally for Pennsylvania special House election candidate Rick Saccone.

    Half of new Democratic hopefuls are former CIA or other operatives

    WashingtonThe Democratic Party in the United States is looking to capture a majority in the House of Representatives in the 2018 midterm elections. But as many as half of their new representatives will be former CIA and other intelligence operatives.

    YouTube uses extremist non-profit SPLC to go after conservatives

    Somali-born Dutch-American activist Ayaan Hirsi Ali is a leading voice for the reformation of Islam. The far-left Southern Poverty Law Center has now labeled her an "anti-Muslim extremist" because she is an advocate for women’s rights in Islam.

    Marion Maréchal-Le Pen: ‘France is no longer free’

    WashingtonYoung French politician Marion Maréchal-Le Pen spoke at the leading American conservative conference outside Washington DC on Thursday, as anti-globalism continues to rise across Europe.

    ‘Kremlin trolling monitor’ a scam says Dutch expert

    The HagueSybrand Buma, the chairman of the CDA in the Lower House, told Dutch news service WNL in January that "Russian trolls" want to cause unrest in the Netherlands via Twitter. Buma claimed they did so during a debate in the House of Representatives. His claim turned out to be rubbish.

    The total implosion of CNN’s anti-conservative news

    Cable’s waning news network giant CNN, has seen its viewership drop by nearly a third during peak-watching hours compared to last year and by almost a quarter during the day.

    Media ignore Big Pharma angle after Florida mass shooting

    The mainstream media has not questioned how serotonin reuptake inhibitors (SSRI) or drugs may be linked to mass shootings given that they are funded by Big Pharma ad revenue.

    Viewer stats crash for Winter Olympic Games without Russia

    Viewer numbers will not even earn the opening of the Olympic Games franchise a bronze medal. It is down 9 percent from what the February 7, 2014 Opening Ceremony of the XXII Winter Olympics from Sochi in Russia delivered in the early numbers.

    Go to archive