What is WannaMine?

Code in the shape of hacker using computer

Remember the EternalBlue exploit that leaked from the NSA and fueled the WannaCry and NotPetya attacks in 2017? Unfortunately, we’re not free from it’s evil and innovative ways.

The same method of breaking in that’s used in WannaCry ransomware is being used to infiltrate crypto-mining platforms, and it’s been given the appropriate title of “WannaMine.” While this isn’t the first time hackers have used the EternalBlue exploit to spawn cryptocurrency, it’s been happening more often in recent months, and cybersecurity firm CrowdStrike is reporting that hackers’ capabilities are more sophisticated than ever.

So, How Does WannaMine Work?

“The file-less malware leverages advanced tactics and techniques to maintain persistence within a network and move laterally from system to system,” says security researchers at CrowdStrike in a January 25th blog. “This tool leverages persistence mechanisms and propagation techniques similar to those used by nation-state actors.”

“First, WannaMine uses credentials acquired with the credential harvester Mimikatz to attempt to propagate and move laterally with legitimate credentials. If unsuccessful, WannaMine attempts to exploit the remote system with the EternalBlue exploit used by WannaCry in early 2017,” they went on to explain.

Hackers are using a range of techniques from remote access hacking to phishing attacks to infect machines. And, given the hike in attacks, researchers are anticipating that the hackers behind WannaMine will soon evolve their capabilities to go undetected.

While the WannaMine attacks aren’t able to lock users out of their machines as NotPetya or WannaCry did, it does have the power to affect business operations and cause IT systems to crash. In fact, one CrowdStrike client noted that 100 percent of their IT environment capability was sucked up by over-utilizing CPUs.

How Do I Avoid WannaMine?

To mitigate the threat to your business and personal devices, take preventative measures and beef up your anti-virus and cyber security tools. Even if you don’t own crypto coins or are part of the cryptocurrency scene, you are still at risk. WannaMine malware attacks attempt to acquire free use of your computer, whether you’re interested in crypto mining or not. Call your Managed Service Provider to see what they are doing to keep you safe, and if they aren’t meeting your needs, give the experts at Stability Networks a call today!

Other Articles

network engineer working in server room
Managed I.T. Solutions

Why You Should Outsource Your IT

Working with a managed service provider (MSP) has many pros and cons, but the right partnership is an investment worth making. When it comes to

Schedule time with us

Welcome to our scheduling system—designed with your convenience in mind! Whether you want to meet in-person, or video-chat, we’re ready to book a time that suits you best.

Bringing Stability back to I.T.

We look forward to providing you an I.T. Solution Proposal. To start the process, simply fill out the form to provide us with some company information and your needs. As soon as we receive it we will contact you to understand your needs and begin gathering information for your proposal.