What is WannaMine?


Remember the EternalBlue exploit that leaked from the NSA and fueled the WannaCry and NotPetya attacks in 2017? Unfortunately, we’re not free from its evil and innovative ways.

The same method of breaking in that’s used in WannaCry ransomware is being used to infiltrate crypto-mining platforms, and it’s been given the appropriate title of “WannaMine.” While this isn’t the first time hackers have used the EternalBlue exploit to spawn cryptocurrency, it’s been happening more often in recent months, and cybersecurity firm CrowdStrike is reporting that hackers’ capabilities are more sophisticated than ever.

So, How Does WannaMine Work?

“The file-less malware leverages advanced tactics and techniques to maintain persistence within a network and move laterally from system to system,” say security researchers at CrowdStrike in a January 25th blog. “This tool leverages persistence mechanisms and propagation techniques similar to those used by nation-state actors.”

“First, WannaMine uses credentials acquired with the credential harvester Mimikatz to attempt to propagate and move laterally with legitimate credentials. If unsuccessful, WannaMine attempts to exploit the remote system with the EternalBlue exploit used by WannaCry in early 2017,” they went on to explain.

Hackers are using a range of techniques from remote access hacking to phishing attacks to infect machines. And, given the hike in attacks, researchers are anticipating that the hackers behind WannaMine will soon evolve their capabilities to go undetected.

While the WannaMine attacks aren’t able to lock users out of their machines as NotPetya or WannaCry did, they do have the power to affect business operations and cause IT systems to crash. In fact, one CrowdStrike client noted that 100 percent of their IT environment capability was sucked up by over-utilizing CPUs.

How Do I Avoid WannaMine?

To mitigate the threat to your business and personal devices, take preventative measures and beef up your anti-virus and cyber security tools. Even if you don’t own crypto coins or aren’t part of the cryptocurrency scene, you are still at risk. WannaMine malware attacks attempt to acquire free use of your computer, whether you’re interested in crypto mining or not. Call your Managed Service Provider to see what they are doing to keep you safe, and if they aren’t meeting your needs, give the experts at Stability Networks a call today!
