Adylkuzz and the New Age of Malware

Adylkuzz can teach us an even more important security lesson than WannaCry – if we pay attention.

Adylkuzz is a bit of malware that you probably didn’t hear about, but it ran amok in May 2017, infecting Windows computers around the globe and using them for its own purposes. No, we’re not talking about another name for WannaCry – we’re talking about a more insidious type of attack that illustrates just how dangerous malware can be.

The Case of Adylkuzz

With all the furor created over WannaCry, it was easy to miss another, related malware attack, one known as Adylkuzz, which was noted around the same time. Adylkuzz was a very different type of malware from the ransomware WannaCry, which held files on Windows computers hostage in exchange for money.

Adylkuzz popped up using the same vulnerability as WannaCry, a Windows vulnerability exploited by the EternalBlue hacking tools (which were quite possibly developed by the NSA). However, this bit of malware acted very differently: Instead of trying to extort money, it silently set to work installing a cryptocurrency miner in the background of the computer. This “recruits” the computer for the hacker, using some of its processing power to literally create money – in this case, the cryptocurrency Monero.

As you can see, the goal of Adylkuzz was to stay invisible, and it was good at its job. The security organization Proofpoint only found Adylkuzz while it was researching how WannaCry worked. For a large chunk of May, Adylkuzz went around hiding in WannaCry’s shadow and infecting up to 150,000 machines until people realized it was also a problem.

What Makes This Type of Malware Dangerous

When WannaCry hit, everyone knew about it. That’s the good thing about ransomware – it has to announce itself to complete its goal. But not all malware has to do this, which is why attacks like Adylkuzz can be so dangerous for businesses. Imagine if this type of malware were working behind the scenes to copy and send sensitive business data instead of just using processing power! Remember, it took weeks to find out that it even existed, and that’s a lot of time for malware to do its work. Often, the most dangerous types of cyber attacks are those that go unnoticed until it is too late.

The Good News About Adylkuzz

All right, let’s take a look at the good news here. Adylkuzz was, fortunately, not programmed with much malicious intent. As we mentioned, turning a computer into a miner while avoiding detection is far safer for your data than a destructive or theft-oriented bit of malware.

In an even stranger twist, Adylkuzz wasn’t all bad for the computers that it infected. The malware was programmed to stay undetected in part by blocking any other malware from infecting the computer, up to and including WannaCry, which actually made Adylkuzz-infected computers immune to the WannaCry threat. This was a smart move: When WannaCry was discovered and a solution was found, it also meant the end of Adylkuzz. This is a point in favor of white hat security – patching one vulnerability can remove multiple threats at once.

Finally, it’s worth noting that while WannaCry could automatically infect computers through network connections, Adylkuzz was limited to the hacker’s personal work, and only infected the machines that it was directed to, based on how vulnerable the hacker believed certain systems to be.

Why It’s Important to Acknowledge All Types of Malware

When a big story like WannaCry hits, it can spur many organizations to finally implement security upgrades and important new precautions to keep data safe. But in the long term, this kind of approach creates its own problem. Systems cannot be accurately patched based on whatever the “threat of the day” may be. That leads to a very shortsighted approach that allows other, sneakier malware to infect systems that are not adequately prepared. For every news-cycle-dominating attack like WannaCry, there are several Adylkuzz attacks lurking, watching for lazy security.

If you want full protection for your Florida business, it’s important to create a full security plan that includes regular updates and all necessary patches to protect from the latest threats. LAN Infotech can help! Find out more about our IT systems services by calling us at (954) 717-1990 or emailing at sales@laninfotech.com.
