Adylkuzz is a bit of malware that you probably didn’t hear about, but it ran amok in May 2017, infecting Windows computers around the globe and using them for its own purposes. No, we’re not talking about another name for WannaCry – we’re talking about a more insidious type of attack that illustrates just how dangerous malware can be.
The Case of Adylkuzz
With all the furor created over WannaCry, it was easy to miss another, related malware attack, one known as Adylkuzz, which was noted around the same time. Adylkuzz was a very different type of malware from the ransomware WannaCry, which held files on Windows computers hostage in exchange for money.
Adylkuzz popped up using the same vulnerability as WannaCry, a Windows exploit used by the EternalBlue hacking tools (which were quite possibly developed by the NSA). However, this bit of malware acted very differently: Instead of trying to extort money, it silently set to work installing a cryptocurrency miner in the background of the computer. This “recruits” the computer for the hacker, using some of its processing power to literally create money – in this case, the cryptocurrency Monero.
As you can see, the goal of Adylkuzz was to stay invisible, and it was good at its job. The security organization Proofpoint only found Adylkuzz while it was researching how WannaCry worked. For a large chunk of May, Adylkuzz went around hiding in WannaCry’s shadow and infecting up to 150,000 machines until people realized it was also a problem.
What Makes This Type of Malware Dangerous
When WannaCry hit, everyone knew about it. That’s the good thing about ransomware – it has to announce itself to complete its goal. But not all malware has to do this, which is why attacks like Adylkuzz can be so dangerous for businesses. Imagine if this type of malware were working behind the scenes to copy and send sensitive business data instead of just using processing power! Remember, it took weeks to find out that it even existed, and that’s a lot of time for malware to do its work. Often, the most dangerous types of cyber attacks are those that go unnoticed until it is too late.
The Good News About Adylkuzz
All right, let’s take a look at the good news here. Adylkuzz was, fortunately, not programmed with much malicious intent. As we mentioned, turning a computer into a miner while avoiding detection is far safer for your data than a destructive or theft-oriented bit of malware.
In an even stranger twist, Adylkuzz wasn’t all bad for the computers that it infected. The malware was programmed to stay undetected in part by blocking any other malware from infecting the computer, up to and including WannaCry, which actually made Adylkuzz-infected computers immune to the WannaCry threat. This was a smart move: When WannaCry was discovered and a solution was found, it also meant the end of Adylkuzz. This is a point in favor of white hat security – patching one vulnerability can remove multiple threats at once.
Finally, it’s worth noting that while WannaCry could automatically infect computers through network connections, Adylkuzz was limited to the hacker’s personal work, and only infected the machines that it was directed to, based on how vulnerable the hacker believed certain systems to be.
Why It’s Important to Acknowledge All Types of Malware
When a big story like WannaCry hits, it can spur many organizations to finally implement security upgrades and important new precautions to keep data safe. But in the long term, this kind of approach creates its own problem. Systems cannot be accurately patched based on whatever the “threat of the day” may be. That leads to a very shortsighted approach that allows other, sneakier malware to infect systems that are not adequately prepared. For every news-cycle-dominating attack like WannaCry, there are several Adylkuzz attacks lurking, watching for lazy security.
If you want full protection for your Roswell business, it’s important to create a full security plan that includes regular updates and all necessary patches to protect from the latest threats. Centerpoint IT can help! Find out more about our IT systems services by calling us at (404) 781-0200 or emailing at info@centerpointit.com.