Adylkuzz Malware

Adylkuzz Malware Guide by LIFARS

Adylkuzz is malicious software that gives no visible sign of its presence on your system; it runs silently on the infected computer, mining a cryptocurrency called Monero. It exploits the same Windows vulnerability as WannaCry, using the same exploit tool (EternalBlue). Because it can remain undetected on a system, this threat resembles some of the features of an APT attack.

The malware was discovered by security researchers while they were analyzing WannaCry, but it has not received the global media attention that WannaCry has. However, since users may not be aware of Adylkuzz and how it operates, Adylkuzz could be more dangerous than WannaCry. It is believed that Adylkuzz has infected around 200,000 computer systems, causing a loss of about 1M, which is more than the loss caused by WannaCry.

In this technical guide, you will learn:

  • What Adylkuzz Malware is
  • How the malware works in four stages
  • Ways to know if your system was infected by Adylkuzz Malware
  • Precautionary measures to make sure that your system(s) are safe

For more information, please visit the Ransomware Forensics Solution page, or for any advice on improving cyber defenses, please contact the LIFARS Incident Response team.