Rapidly spreading cryptomining malware uses NSA hacking code
Dubbed “Beapy” by security researchers at Symantec Corp. who identified it last week, the malware is primarily targeting enterprise networks, with the majority of infections detected in China but also other countries in Asia as well. A small number of infections have been detected in the U.S.
Beapy is being spread via emails that have a malicious Excel attachment with them. Once they’re clicked on, Beapy uses the NSA DoublePulsar code to open a backdoor on infected machines that is then exploited to gain access to a corporate network to install cryptomining scripts.
“Beapy is particularly effective for hackers because it targets corporations and leverages NSA technology to spread throughout employees’ devices and perform large-scale, clandestine cryptojacking,” Anurag Kahol, chief technology officer and founder of Bitglass Inc., told SiliconANGLE. “This practice mines cryptocurrency at an extremely accelerated rate and wastes enterprises’ processing and storage power, costing thousands of additional dollars in electricity bills.”
No comments:
Post a Comment