"Cryptocurrency Mining Malware That Uses an NSA Exploit Is On the Rise Say hello to WannaMine. A computer security exploit developed by the US National Security Agency and leaked by hackers last year is now being used to mine cryptocurrency, and according to cybersecurity experts the number of infections is rising... This new attack—called WannaMine—may seem like less of a threat than WannaCry because it doesn’t lock users out of their computer. But CrowdStrike noted in a blog post laying out its findings on WannaMine that the company has observed the malware 'rendering some companies unable to operate for days and weeks at a time.' WannaMine infections are also hard to detect because it doesn’t download any applications to an infected device... WannaMine doesn’t resort to EternalBlue on its first try, though. First, WannaMine uses a tool called Mimikatz to pull logins and passwords from a computer’s memory. If that fails, Wannamine will use EternalBlue to break in. If this computer is part of a local network, like at a company office, it will use these stolen credentials to infect other computers on the network..." https://motherboard.vice.com/en_us/article/yw5yp7/monero-mining-wannamine-wannacry-nsa
Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later September 13, 2018 https://techcrunch.com/2018/09/14/c...g-tools-are-still-highly-active-a-year-later/
