Skip to Content

Another huge cyber attack is underway

Another huge cyberattack is underway after last week's assault on computers worldwide, according to a global cybersecurity firm, suggesting military-grade cyberweapons are now being deployed for cyber crime.

Published: May 18, 2017, 11:21 am

    Cyber bandits used EternalBlue and DoublePulsar, developed by the NSA and released by the ShadowBrokers hackers back in April. The attackers used both these exploits to install the cryptocurrency miner Adylkuzz.

    “We don’t know how big it is” but “it’s much bigger than WannaCry”, Proofpoint’s vice president for email products, Robert Holmes, told AFP on Wednesday.

    The WannaCry cyberattack paralyzed computer systems worldwide. In Freiburg, Germany, a passenger told FWM, that all electronic noticeboards were down and transport interrupted. Not only Deutsche Bahn rail network were among those hit, but also Britain’s National Health Service, US package delivery giant FedEx and Spanish telecoms giant Telefonica.

    US officials on Tuesday put the number of computers infected by WannaCry at over 300 000. Despite a quick breakthrough that caused WannaCry to be slowed down, researchers don’t yet fully understand it.

    “The problem is that we’re still not certain about the origin of the infections” because it wasn’t via emails which deceive users into installing the virus, an expert told AFP on condition of anonymity.

    The latest attack targets the same vulnerabilities as the WannaCry ransomware, but uses the hundreds of thousands of computers believed to have been infected to mine virtual currency.

    Researchers at Proofpoint have discovered Adylkuzz, said Nicolas Godier, a researcher at the computer security firm. “It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a more stealthy manner and for a different purpose,” he said.

    Virtual currencies such as Monero and Bitcoin make use of volunteers computers to record transactions.

    According to Proofpoint the attack include loss of access to shared Windows resources and degradation of PC and server performance. “As it is silent and doesn’t trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers,” said Godier.

    Adylkuzz may have been infecting computers since at least May 2, and perhaps even since April 24, but due to its stealthy nature was not immediately detected.

    Shadow Broker hackers also released a data dump allegedly stolen from the NSA that details the agency’s ability to hack international banks, as well as the SWIFT network, via Windows PCs and servers used in global financial transfers.

    Dubbed ‘Lost in Translation,’ the hack lists Qatar First Investment Bank, Dubai Gold and Commodities Exchange and Tadhamon International Islamic Bank as allegedly compromised.

    One of the world’s most secure methods of making payment orders has been compromised as the hacking tools are now freely available online.

    Adylkuzz initially prevents cybersecurity professionals from identifying that there is a problem.

    While the term cryptocurrency is typically associated with Bitcoin, Adylkuzz actually mines Monero, a similar but more heavily encrypted digital currency. Monero became popular after it was adopted in the AlphaBay market on the Dark Web. One monero is roughly equivalent to $27 at current exchange rates.

    The attackers regularly changes the online payment address to avoid attracting attention.

    As in the case of the WannaCry attack, hackers used the NSA’s weaponized tools of Microsoft operating systems to infect hundreds of thousands of machines worldwide with malware, and many more are expected in the future.

    Keep ​your language polite​. Readers from many different countries visit and contribute to Free West Media and we must therefore obey the rules in​,​ for example​, ​Germany. Illegal content will be deleted.

    If you have been approved to post comments without preview from FWM, you are responsible for violation​s​ of​ any​ law. This means that FWM may be forced to cooperate with authorities in a possible crime investigation.

    If your comments are subject to preview ​by FWM, please be patient. We continually review comments but depending on the time of day it can take up to several hours before your comment is reviewed.

    We reserve the right to del​ete​ comments that are offensive, contain slander or foul language, or are irrelevant to the discussion.

    Americas

    American Psychiatric Association warns against ‘diagnosing’ Trump

    American Psychiatric Association has warned leftist psychiatrists to stop "diagnosing" President Trump without a medical examination, as it represents a total violation of medical ethics.

    ‘Consensus’ on climate science takes a hit in 2017

    Climate change research for 2017 revealed that the alleged "consensus'" on the so-called dangers of anthropogenic global warming has not yet been established as far as all climate scientists are concerned.

    Lawsuit likely to reveal the bizarre and disturbing culture inside Google

    Santa ClaraJames Damore, an employee fired from Google for circulating a memo critical of feminism and their diversity initiatives, has filed a discrimination lawsuit against the company in California.

    Antifa implicated in deadly Amtrak train derailment

    Authorities believe a track obstruction could have been the cause of the deadly Amtrak train derailment in Washington state. Footage from two weeks ago show a fracking protest on the railroad tracks.

    Only 31 percent of Americans back Jerusalem as Israeli capital

    US President Donald Trump signed a declaration earlier this week officially announcing his intention to relocate the American embassy to Jerusalem from Tel Aviv. But his choice is not popular with Americans.

    US refugee admission signals drop as Trump pulls out of UN migration initiative

    Refugee admissions to the United States were down 83 percent in the first two months of the fiscal year for 2018 - October and November - compared to the first two months of of the previous fiscal year 2017.

    Democratic Party in the US disintegrating

    Former Democratic National Committee (DNC) Chair Donna Brazile has charged the Clinton campaign of essentially rigging the 2016 primaries as well as being responsible for a staffer's murder before the election.

    Twitter’s suspension of Trump account raises serious questions

    President Donald Trump's personal Twitter account was shut down on Thursday after a disgruntled Twitter employee had deactivated the account the company said. But does Twitter's explanation make sense?

    US Air Force preparing to put nuclear-armed bombers on alert

    The US Air Force at Barksdale Air Fore Base, near Bossier City, Louisiana — is preparing to put nuclear-armed bombers back on 24-hour ready alert, a status not seen since the Cold War ended in 1991.

    Fake news beyond the headlines

    Mainstream media news content does no longer contain anything relevant beyond the screaming headlines designed to generate clicks.

    Go to archive