Hackers mint crypto-currency with technique in global ‘ransomware’ attack | HT Tech

Hackers mint crypto-currency with technique in global ‘ransomware’ attack

Researchers at security firm Proofpoint said the related attack, which installs a currency “miner” that generates digital cash, began infecting machines in late April or early May.

By: REUTERS
| Updated on: May 17 2017, 08:42 IST
WannaCry has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.
WannaCry has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it. (AFP)

A computer virus that exploits the same vulnerability as the global "ransomware" attack has latched on to more than 200,000 computers and begun manufacturing digital currency, experts said Tuesday.

The development adds to the dangers exposed by the WannaCry ransomware and provides another piece of evidence that a North Korea-linked hacking group may be behind the attacks.

You may be interested in

MobilesTablets Laptops
27% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
10% OFF
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

WannaCry, developed in part with hacking techniques that were either stolen or leaked from the US National Security Agency, has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.

Also read
Looking for a smartphone? To check mobile finder click here.

Researchers at security firm Proofpoint said the related attack, which installs a currency "miner" that generates digital cash, began infecting machines in late April or early May but had not been previously discovered because it allows computers to operate while creating the digital cash in the background.

Proofpoint executive Ryan Kalember said the authors may have earned more than $1 million, far more than has been generated by the WannaCry attack.

Like WannaCry, the program attacks via a flaw in Microsoft Corp's Windows software. That hole has been patched in newer versions of Windows, though not all companies and individuals have installed the patches.

Digital currencies based on a technology known as blockchain operate by enabling the creation of new currency in exchange for solving complex math problems. Digital "miners" run specially configured computers to solve the problems and generate currency, whose value ultimate fluctuates according to market demand.

North Korea has attracted attention in the WannaCry case for a number of reasons, including the fact that early versions of the WannaCry code used some programming lines that had previously been spotted in attacks by Lazarus Group, a hacking group associated with North Korea.

Security researchers and US intelligence officials have cautioned that such evidence is not conclusive, and the investigation is in its early stages.

In early April, security firm Kaspersky Lab said that a wing of Lazarus devoted to financial gain had installed software to mine Moreno on a server in Europe.

A new campaign to mine the same currency, using the same Windows weakness as WannaCry, could be coincidence, or it could suggest that North Korea was responsible for both the ransomware and the currency mining.

Kalember said he believes the similarities in the European case, WannaCry and the miner were "more than coincidence."

"It's a really strong overlap," he said. "It's not like you see Moreno miners all over the world."

The North Korean mission to the United Nations could not be reached for comment, while the FBI declined to comment.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 17 May, 08:41 IST
NEXT ARTICLE BEGINS