
WannaMine: CryptoJacking Malware Fueled By Leaked NSA Exploit

While “hacker” can refer to any skilled computer programmer, the term has become associated with the “security hacker”: someone who, with their technical knowledge, uses bugs or exploits to break into computer systems.

Also termed as:

  • An adherent of the technology and programming subculture.
  • Someone who is able to subvert computer security. If doing so for malicious purposes, the person can also be called a cracker.

So it is no surprise to hear about cryptojacking malware designed to drain CPU power from other people’s machines, now that cryptocurrency is on the rise and mining it can leave even the most powerful systems gasping for air.

You may recall the NSA exploit called EternalBlue, which was leaked by a hacker group in April last year. The Windows exploit was later used to unleash a worldwide cyber disaster in the name of WannaCry. Another ransomware, also based on EternalBlue, followed a month later.

In fact, we have already seen many.


A machine can get infected with WannaMine when the user clicks a malicious link in an email or on a website. The attacker can also initiate a remote access attack on the target.


WannaMine isn’t the first of its kind, but its fileless operation makes it more sophisticated than other cryptojacking malware such as Adylkuzz, which downloads an application called cpuminer. Antivirus software falls short when acting against threats that don’t write files to disk.


It differs from the WannaCry ransomware: it doesn’t lock people out of their devices, as it is already generating digital money by mining cryptocoins. But CrowdStrike says the persistence mechanisms and propagation techniques used by WannaMine are similar to those leveraged by nation-state actors, and the attacks appear to illustrate trends that blur the lines between nation-state and common cybercrime approaches.

However, another security company, CrowdStrike, said last week that it had detected an increase in the number of WannaMine infections in the last couple of months. The cryptocurrency-mining malware managed to cripple the operations of some companies for days or even weeks while using their system resources to mine Monero.

The way the malware works makes it hard for companies to take any action, because it operates filelessly, i.e., it doesn’t download or use any file to infect a system. The WannaMine script relies on built-in Windows components such as Windows Management Instrumentation (WMI) and PowerShell to do its work, making it very hard to detect and stop the malware.
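Because nothing is written to disk, detection has to look at process behaviour instead of files. The following Python is an added example, not code from this article or from the vendors it cites: it scores process-creation events for PowerShell started by the WMI provider host with a hidden window or an encoded command, and decodes the command for review. The event field names and the sample events are constructed assumptions.

```python
import base64
import re

PS_IMAGES = ("\\powershell.exe", "\\pwsh.exe")
HIDDEN = re.compile(r"(?i)\s-w[a-z]*\s+hidden\b")  # -WindowStyle Hidden and short forms
ENCODED = re.compile(r"(?i)\s-(?:e|ec|en[a-z]*)\s+([A-Za-z0-9+/=]{16,})")  # -EncodedCommand

def _enc(script):
    """Encode text the way -EncodedCommand expects: base64 over UTF-16LE."""
    return base64.b64encode(script.encode("utf-16-le")).decode()

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed events with assumed field names; not real telemetry.
SAMPLE_EVENTS = [
    {"parent": r"C:\Windows\System32\wbem\WmiPrvSE.exe", "image": PS,
     "cmdline": "powershell.exe -NoP -NonI -W Hidden -E " + _enc("Write-Output 'constructed sample'")},
    {"parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"parent": r"C:\Windows\System32\svchost.exe",
     "image": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "cmdline": r"C:\Windows\System32\wbem\WmiPrvSE.exe -secured -Embedding"},
]

def score_event(ev):
    """Return (reasons, decoded_script) for one process-creation event."""
    reasons, decoded = [], None
    if not ev["image"].lower().endswith(PS_IMAGES):
        return reasons, decoded
    if ev["parent"].lower().endswith("\\wmiprvse.exe"):
        reasons.append("spawned by WMI provider host")
    if HIDDEN.search(ev["cmdline"]):
        reasons.append("hidden window")
    match = ENCODED.search(ev["cmdline"])
    if match:
        reasons.append("encoded command")
        try:  # decode so the analyst can read the script that never touched disk
            decoded = base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
        except ValueError:
            decoded = None  # not valid base64/UTF-16LE: keep the flag, drop the text
    return reasons, decoded

def flag(events, threshold=2):
    """Return events with at least `threshold` indicators, plus the decoded script."""
    hits = []
    for ev in events:
        reasons, decoded = score_event(ev)
        if len(reasons) >= threshold:
            hits.append({"cmdline": ev["cmdline"], "reasons": reasons, "decoded": decoded})
    return hits

if __name__ == "__main__":
    for hit in flag(SAMPLE_EVENTS):
        print(hit["reasons"], "->", hit["decoded"])
```

The threshold of two indicators is an assumption chosen to keep ordinary administrative PowerShell use out of the results; tune it against your own baseline.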

The cybersecurity company Panda Security discovered the cryptojacking malware in October last year; it is also fueled by the NSA’s EternalBlue exploit. It was observed hijacking victims’ CPU cycles to mine Monero. WannaMine uses different techniques to spread across a network. First, it uses the Mimikatz tool to extract the log-in credentials of a system. If that fails, it uses the EternalBlue exploit to attack the remote system.

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.
