A new virus imitates WannaCry to create digital money

The 'ransomware' Adylkuzz uses the same Windows security flaw to spread and could have already infected about 200,000 computers

   The cyber attack that infected thousands of computers around the world on Friday has now a new replica in Adylkuzz, a virus that has affected more than 200,000 computers and uses the same Windows security flaw as its predecessor Wannacry to spread and create digital money ('bitcoin').


Its most prominent aspect is that those affected do not have to know that someone has infected their computer, but it goes unnoticed to use the team's resources to generate digital money. Users would only notice that their computer runs slower.

   "Actually the Adylkuzz attack predates WannaCry and works in a similar way, but something more intelligent, since what it does besides polluting the network is to prevent other 'malware' (including wannacry) from being able to anticipate and infect the equipment themselves" , explains Alfonso Franco, CEO of All4sec, a cybersecurity company.

Franco has also pointed out that "unfortunately it is something that seems to be happening a lot these days, because the exploit related to the Eternal Blue vulnerability was made public on May 9 and that will allow a lot of imitators to appear".

"Adylkuzz uses with more discretion and for different purposes piracy tools recently revealed by the NSA (National Security Agency of the USA) and the vulnerability now corrected in Microsoft," says researcher Nicolas Godier, an expert in cyber security at Proofpoint.

More dangerous than Wannacry

The extent of the virus is still unknown, but it is estimated that close to 200,000 computers could have been infected worldwide. This indicates that their danger is "much greater" than Wannacry, confirms Robert Holmes, an expert at Proofpoint.

This 'malware creates', invisibly, units of an unlocatable virtual currency called Monero, comparable to 'bitcoin'. The data that allows to use this money are extracted and sent to encrypted addresses.

For expert Alfonso Franco, Wannacry has been just "a test" to test the impact and see what could happen. "I would even say that they possibly threw it or missed it before their time," says the CEO of All4sec.

Holmes says that "there had already been attacks of this type, with programs that create cryptographic currency, but never on this scale". WannaCry has already infected more than 300,000 computers in some 150 countries.