Warning: ZombieBoy Cryptocurrency Mining Malware Threatens Users’ Security Worldwide


ZombieBoy Malware Threatens The Security of Cryptocurrency Worldwide

James Quin, a private security researcher, discovered a major threat to the crypto world earlier in the week in the form of malware. The malware is called ZombieBoy, and it had been mining about $1000 each month. The profits stopped recently when the creator decided to close the address, though they could not erase the link to MineXMR, a Monero mining pool. Based on the Simplified Mandarin, the researcher places the origins of the malware in China.

The program gets its name from the ZombieBoyTools kit, which it used to launch the first dynamic link library (.DLL) file. It works in a fairly similar way to MassMiner but utilizes the WinEggDrop algorithm to locate the next viable victim to cling onto. The victims that were most susceptible were those that held Monero (XMR) or Zcash (ZEC) tokens and performed transactions on those exchanges. The malware was able to quickly attack individual accounts by exploiting weaknesses such as CVE-2017-9073, a Remote Desktop Protocol vulnerability on Windows XP and 2003. It also uses Server Message Block (SMB) exploits, creeping in with CVE-2017-0146 and CVE-2017-0143.

Since the malware ended up with a large number of backdoors, it was able to use tools that were originally developed to gain control of a specific device. These tools are called EternalBlue and DoublePulsar, and they make it basically impossible for any entity to pull the threat from the ecosystem. They also make it more likely that the entire system will end up crashing, which would not bode well for any cryptocurrency exchange.

The malware is also encoded with Themida, which will not allow the virus to continue functioning on virtual machines. Basically, the pop-up technology does not leave wiggle room to trace back the activities to any specific person. Furthermore, this technology keeps countermeasure protocols from being used too many times on the malware before it is ultimately found to be useless.

Along with the discovery of ZombieBoy, researchers have also found that it connected with another similar program called IRON TIGER APT, which is the combination of several mining malware projects. With so many companies being impacted, the limited countermeasures that could be used for protection include:

Bitcoin Exchange Guide