It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Another large-scale, stealthy cyberattack is underway on a scale that could dwarf last week's assault on computers worldwide, a global cybersecurity firm told AFP on Wednesday.
The new attack targets the same vulnerabilities the WannaCry ransomware worm exploited but, rather than freeze files, uses the hundreds of thousands of computers believed to have been infected to mine virtual currency.
Following the detection of the WannaCry attack on Friday, "researchers at Proofpoint discovered a new attack linked to WannaCry called Adylkuzz," said Nicolas Godier, a researcher at the computer security firm.
"It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a more stealthy manner and for a different purpose," he said.
"We don't know how big it is" but "it's much bigger than WannaCry", Proofpoint's vice president for email products, Robert Holmes, told AFP.
Proofpoint said in a blog that symptoms of the attack include loss of access to shared Windows resources and degradation of PC and server performance, effects which some users may not notice immediately.
"As it is silent and doesn't trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers," said Godier.
Over the subsequent weekend, however, we discovered another very large-scale attack using both EternalBlue and DoublePulsar to install the cryptocurrency miner Adylkuzz. Initial statistics suggest that this attack may be larger in scale than WannaCry, affecting hundreds of thousands of PCs and servers worldwide: because this attack shuts down SMB networking to prevent further infections with other malware (including the WannaCry worm) via that same vulnerability, it may have in fact limited the spread of last week’s WannaCry infection.
originally posted by: ManFromEurope
As far as I have heard, it tries to utilize the same weaknesses this wannacrybaby-trojan already has used.
Therefore, if your computer worked tuesday, it might very well keep on working.
Unless the Shadowbrokers hid some other nuclear-option of a software error deep in the wikileaks.