Another hazardous malware called Adylkuzz that exploits the vulnerability of Windows software has surfaced even as the world is trying to contain WannaCry ransomeware attack that has infected computers around the world. Surprisingly, the virus has been there for a while and is said to have caused more damage than the WannaCry.
Adylkuzz, that also exploits the same Windows vulnerability like the WannaCry ransomeware, has reportedly affected more than 200,000 computers so far.
Researchers at security firm Proofpoint has said that the malware installs a currency "miner" in vulnerable computers and generates digital cash. Adylkuzz is believed to have racked in more than $1 million for the hackers, which is much more than what's been earned by the WannaCry malware.
"Initial statistics suggest that this attack may be larger in scale than WannaCry, affecting hundreds of thousands of PCs and servers worldwide: because this attack shuts down SMB networking to prevent further infections with other malware (including the WannaCry worm) via that same vulnerability, it may have in fact limited the spread of last week's WannaCry infection," according to a statement from Proofpoint.
Surprisingly, Adylkuzz virus is said to have been active since April 24 or at least on May 2, but it remained undetected. Unlike the WannaCry ransomeware that locks down a system until a ransom is paid, Adylkuzz allows the computer to work but at the same time generates digital cash or "Monero" cryptocurrency in the background, keeping the victims unaware of the attack.
So, how do you know if your computer is infected by Adylkuzz virus? Researchers at Proofpoint said that you will loss of access to shared Windows resources and experience degradation of PC and server performance if your computer is infected by Adylkuzz.
Who is behind digital currency miner Adylkuzz? A hacking group called Lazarus Group, associated with North Korea, targeted digital currency Monero last month according to security firm Kaspersky Lab. Both WannaCry ransomeware and Adylkuzz exploit vulnerability of Windows software, suggesting that North Korea could be behind the attacks. However, it is not confirmed yet.