To replace the famous WannaCry virus came the virus WannaMine also created based on EternalBlue. Get on the computer virus different ways, from clicking on a malicious link and to the remote entry into the system.
To obtain access logins and passwords in the computer’s memory, the virus uses the tool Mimikatz, if this is not enough, it comes in EternalBlue. If your computer is part of a corporate network, the virus will quickly infect the rest of the computers, which can paralyze the company’s work for a few days or even weeks.
«Before EternalBlue was only used by hackers state level, but now the virus base of this tool can be found in the usual criminals,» — said the Director of the Agency on information security CrowdStrike, Bryan York (Bryan York).
In 2017 in the world wide web was raging WannaCry virus that struck computers in 150 countries, the total damage from the actions of this virus is estimated at $ 1 billion.
WannaMine it seems at first glance less aggressive version. Virus does not block the data, demanding a ransom. Instead, the victim’s computer turn on hidden bitcoin mining which leads to increased load of the user equipment.
The observations of experts in the field of cybercrime held in 2017, allow the conclusion that there is a change of trends in the transition of cyber criminals from powerful attacks using ransomware to long-term hidden mining.
Viruses-miners became widespread only by the end of 2017. Often such malware is mined Monero or zcash for, as these coins are still profitable to mine with CPU. This greatly expands the scope of the virus because the victims may become the owners of virtually all computers.