New malware that infects systems to mine cryptocurrencies, called WannaMine, which is practically undetectable, since it does not install anything, it is simply a script that takes control of basic Windows resources.

Some time ago, in the month of April specifically, I came to the fore that they had stolen an exploit from the NSA, called EternalBlue, quite dangerous and since then, it has not stopped causing problems. The biggest incident to date was WannaCry, the world's first cyber attack, which affected thousands of companies around the world and spread very quickly. Well, of those muds, these muds. A new malware has appeared, in this case it is called WannaMine, which makes computers mine cryptocurrencies.

CrowdStrike, a cybersecurity company, has discovered a high number of infections through the WannaMine malware in recent months, so much so, that they have made it public, due to more and more computers being infected. This is quite similar to the one detected by Panda Security in October last year, which also relied on the NSA's EternalBlue and used the infected computer to mine Monero, in that case.

This malware is complex to attack for companies, since it does not need to download any type of file to infect the computer. The script in question is made with the control of basic functions incorporated in Windows, such as Windows Management Instrumentation and PowerShell, to perform the operations for which it has been designed, something that makes this malware difficult to detect and eliminate .

WannaMine also has the property of expanding over the local network, since it uses advanced techniques to clone itself on other computers. Computers are infected with WannaMine when a user clicks on a malicious link that may be hidden in an email or on a web page. This malware can also be deployed through a targeted remote access attack. As always, you have to know the websites you are accessing (which are above all, trustworthy), to avoid scares and problems.

Source: Fossbytes