Symantec researchers warn that malware is being used to infiltrate corporate networks and hijack computers into running mining code to produce cryptocurrency.
Symantec's Alan Neville said the "Beapy" malware was first detected in January, but has ballooned to more than 12,000 unique infections across 732 organizations since March.
Beapy gains access via a malicious email opened by a corporate employee, which drops the NSA-developed DoublePulsar malware to install a persistent backdoor on the infected system. A lateral network infection is then orchestrated with NSA's EternalBlue exploit.
Once the backdoor is entrenched, Beapy is pulled from the hacker's command and control server to penetrate each computer with the mining software.
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA
No entries found