There’s another strain of malware infecting computers, but this one you can’t see.
Instead of a red ransom note — the calling card of the massive WannaCry infection — this newly-discovered malware isn’t noticeable, beyond making a computer run more slowly than usual.
Called “Adylkuzz,” the malware leverages the same hole in old Windows software used to spread WannaCry. But this attack operates in the background of computers, installing a “miner” to generate the cryptocurrency called Monero. Cryptocurrency is digital money, which is generated by computing power — the more power you have, the more currency you’re able to “mine.”
And it makes one aspect of the hacking threat quite clear: Cyberattacks aren’t always flashy ransomware that makes itself known.
The Adylkuzz malware was discovered by the security firm Proofpoint while it was investigating WannaCry, which infected 300,000 machines in 150 countries last weekend. WannaCry spread using a Windows exploit leaked in April (which Microsoft released a patch for in March) that believed to belong to the NSA.
“It’s one of the more worrying [threats], because it can definitely go undetected for weeks if not months,” Darien Huss, senior security research engineer for Proofpoint, told CNNTech.
The Adylkuzz malware started infecting computers around May 2, and was found on at least 150,000 machines. It went undetected until this week, Huss added.
Security firm Symantec said Adylkuzz isn’t spreading as widely because Internet providers are proactively blocking it once they’re aware of it. Also, the malware does not have the ability to put itself onto other computers automatically — its creator manually searches for exploitable machines and puts the malware on them.
The interesting thing about the Adylkuzz malware, Huss said, is that it prevented other viruses from infecting the computer it’s on because it wanted to remain undetectable for as long as possible — that means it prevented WannaCry from ransoming those computers.
Adylkuzz isn’t the next WannaCry — but it’s yet another reason to make sure to take proper security measures.
It’s important to regularly back up your files, keep software up-to-date and install anti-virus software that can alert you when your computer has been compromised.