The National Security Agency (NSA) is thought to have discovered a flaw in the Microsoft system and named EternalBlue. In June 2016, Shadow Brokers hacked into the NSA and stole a large number of hacking tools, including tools for exploiting EternalBlue and posting them on Wikileaks.
EternalBlue has been thoroughly exploited by WannaCry, causing terror to the world's users because it encrypts personal and corporate data for news and ransom.
While security networks is still struggling to determine who is behind the WannaCry spread, Proofpoint continues to uncover a new wave of attacks that exploit Microsoft's holes.
Instead of encrypting the extortion data, hackers silently install a virtual money-digging tool on the user's computer. They exploited EternalBlue and DoublePulsar holes to spread a program called Adylkuzz with the ability to dig Monero virtual money and send it to the spreader system.
Monero is an open-source digital currency, which was released in 2014 and now costs $ 28.44 per coin. To dig out virtual money, users exploit key resources such as CPUs, graphics cards, etc. to handle complex calculations and generate virtual currency. The digging is done both on computers, phones and on the web. A computer does not make much money, but thousands of computers work together to generate huge amounts of money.
Adylkuzz's goal is to create a network of thousands of computers around the world to serve virtual hackers. Malware does not control user data, but by exploiting resources as a CPU, it slows down the computer system of users and businesses and, in the long run, damages the finances.
To avoid being attacked, users should install the latest security update for Windows.