
Fileless WannaMine Cryptojacking Malware Using NSA Exploit

February 5, 2018

Forget WannaCry and welcome WannaMine, a fileless cryptojacking malware that uses the leaked NSA exploit EternalBlue.

We cannot ignore the fact that cryptocurrencies are much in demand and that the monetary worth of digital currencies like Bitcoin, Ethereum, Litecoin, and Monero has soared tremendously, thereby increasing the purchasing power and liquidity of cryptocurrency wallets.

At such a time, cybercriminals were expected to exploit the highly profitable nature of cryptocurrencies, and to do so they have turned to an extremely productive process known as mining. Through cryptocurrency mining, they can drain resources from even the most powerful computer systems.

What's more disturbing is that cybercriminals have now come up with cryptojacking malware created solely to consume the CPU power of victims' computers. One such cryptojacking malware is WannaMine. It uses leaked hacking tools of the NSA (National Security Agency) to gain access to computers and drain processor power to carry out mining.

Here, we must recall the NSA's Windows exploit known as EternalBlue, which was leaked in April 2017 by the hacking group Shadow Brokers and was later used to launch the disastrous WannaCry ransomware that caused havoc worldwide and locked down NHS systems. WannaCry managed to infect around 230,000 computers in nearly 150 countries, only to pave the way for another highly dangerous ransomware, NotPetya. The same exploit is being used again to carry out Bitcoin and Monero mining using the cryptojacking malware WannaMine.

WannaMine was identified by cybersecurity firm Panda in October 2017 while the malware was mining Monero after hijacking CPU cycles on the targeted computer. Another cybersecurity firm, CrowdStrike, stated that it has observed an increase in the distribution rate of WannaMine, as infections caused by this malicious software have doubled in the last few months. In fact, it crippled the operations of various companies for days and weeks and used the resources of their CPUs for Monero mining.

WannaMine is a fileless malware that utilizes advanced tactics and techniques to “maintain persistence within a network and move laterally from system to system. WannaMine uses credentials acquired with the credential harvester Mimikatz to attempt to propagate and move laterally with legitimate credentials,” wrote CrowdStrike security researchers.

Hackers are using a wide range of techniques to infect computers, from email phishing attacks to remote access hacks. The use of Mimikatz means that even machines previously patched against the notorious EternalBlue exploit are not safe from this malware. “If unsuccessful, WannaMine attempts to exploit the remote system with the EternalBlue exploit,” read the blog post by CrowdStrike researchers.

WannaMine uses built-in Windows components like Windows Management Instrumentation (WMI) and PowerShell to perform its malicious tasks. Because it is fileless, it is quite difficult to detect it or stop it from harming computers. Although it isn’t the first fileless malware, it is quite sophisticated in comparison to other malware like Adylkuzz, which requires downloading an application called CPUMiner to operate.

It is worth noting that WannaMine isn’t as dangerous as NotPetya or WannaCry were, because it does not lock computers, but it does drain off 100% of the IT environment capability of a client by excessively using the CPUs, which is concerning for firms running data centers or server farms.

For individual users, it would mean that the performance of their PCs or laptops deteriorates considerably. To protect your computers, it is important to enhance anti-virus security and install cybersecurity tools that provide endpoint protection and mitigate the WannaMine threat.
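As an added example (not from the original article or from CrowdStrike), the sketch below triages process-creation events for the WMI and PowerShell behaviour described above, which file-based scanning tends to miss. The event records, field names and the four heuristics are constructed assumptions based on generic fileless-PowerShell indicators, not WannaMine-specific IoCs.

```python
import re

# Constructed sample process-creation records (Sysmon Event ID 1 style fields).
# Nothing here comes from the article or from a real incident.
WMI_HOST = r"C:\Windows\System32\wbem\WmiPrvSE.exe"
PS_EXE = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"host": "ws01", "parent": WMI_HOST, "image": PS_EXE,
     "cmdline": "powershell.exe -NoP -NonI -W Hidden -E <constructed-base64>"},
    {"host": "ws02", "parent": r"C:\Windows\explorer.exe", "image": PS_EXE,
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"host": "srv03", "parent": r"C:\Windows\System32\services.exe", "image": PS_EXE,
     "cmdline": 'powershell.exe -nop -w hidden -c "IEX (New-Object Net.WebClient).DownloadString($u)"'},
]

def is_prefix_flag(token, full_name):
    """True if token is '-<prefix>' of a PowerShell parameter name.
    PowerShell accepts abbreviated parameter names, so '-W' means -WindowStyle."""
    name = token.lstrip("-/").lower()
    return token[:1] in "-/" and len(name) >= 1 and full_name.startswith(name)

def triage(event):
    """Return the names of the heuristics that a single event matches."""
    hits = []
    parent = event["parent"].lower().rsplit("\\", 1)[-1]
    image = event["image"].lower().rsplit("\\", 1)[-1]
    if image not in ("powershell.exe", "pwsh.exe"):
        return hits
    tokens = event["cmdline"].split()
    # The WMI provider host launching PowerShell points to WMI-driven execution.
    if parent == "wmiprvse.exe":
        hits.append("powershell-spawned-by-wmi")
    # -EncodedCommand and its short forms hide the script body from casual review.
    if any(is_prefix_flag(t, "encodedcommand") or t.lower() == "-ec" for t in tokens):
        hits.append("encoded-command")
    for flag, value in zip(tokens, tokens[1:]):
        if is_prefix_flag(flag, "windowstyle") and value.lower() in ("hidden", "1"):
            hits.append("hidden-window")
    # Script fetched and executed in memory, so no payload file is written to disk.
    if re.search(r"(?i)\b(iex|invoke-expression)\b.*downloadstring", event["cmdline"]):
        hits.append("in-memory-download")
    return hits

def scan(events):
    """Map each host with at least one hit to its matched heuristics."""
    return {e["host"]: triage(e) for e in events if triage(e)}

if __name__ == "__main__":
    for host, hits in scan(SAMPLE_EVENTS).items():
        print(host, hits)
```

In practice these rules would run over Sysmon or EDR process telemetry, and each hit is a lead for investigation rather than a verdict, since administrators also use these PowerShell options legitimately.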
