Malware,News | 08/03/2018

ZombieBoy: Malware Hijacking The Crypto World | Latest Virus Update

When was the last time you checked your PC's health? Did you know your PC requires a regular check-up?

ZombieBoy: Crypto World Stands On High ALERT!

ZombieBoy is a new crypto-mining malware that was discovered earlier this week. It has taken the crypto world by storm and made huge news.

At the initial level, this malware was mining $1000 per month. James Quinn, a private security researcher, revealed the threat posed by this malware.


Twitter was flooded with the news; to cite a reliable source:

Multiple CVEs exploited by the New Crypto-Mining Malware: ZombieBoy

How is ZombieBoy named?

ZombieBoy is named after the ZombieBoy Tools kit, a kit the malware author uses to drop the first .DLL file.

It is somewhat similar to MassMiner; to infect the next victim, this malware uses WinEggDrop.

As reported by Quinn,

ZombieBoy malware was collecting around $1000 in cryptocurrency every 30 days. Traces led back to the Monero mining pool (MineXMR) before the recent closure of its address.

Because of its use of simple Mandarin, this malware can be traced to its origin: China. Monero [XMR] and Zcash [ZEC] are its most common targets.

Certain weak points are attacked by this malware while targeting a victim. They are:

  1. CVE-2017-9073: a Remote Desktop Protocol (RDP) vulnerability on Windows XP and Windows 2003.

  2. Server Message Block (SMB): here CVE-2017-0146 and CVE-2017-0143 are exploited.

To gain control over a machine/device, ZombieBoy uses DoublePulsar and EternalBlue, both developed by the NSA [National Security Agency].


  • Increases the chances of the network crashing.

  • Impossible for even the IT department to trace and identify the threat.

Encoded with Themida

This is a pop-up that prevents ZombieBoy from being traced back, as it blocks the malware from running on a virtual machine. This makes it impossible for engineers to trace it back. It also highlights the countermeasures that can be developed, along with their effectiveness.

ZombieBoy: The New Danger

‘IRON TIGER APT’ introduced:

According to recent reports, ZombieBoy has been connected with ‘IRON TIGER APT’, a similar malware of the same origin, and also with a version of Gh0stRAT. The appearance of more such malware originating in China indicates continued resolve and evolution.

How To Protect Against ZombieBoy


If you are a company looking to protect your machines from ZombieBoy malware, here are a few measures that you can take:

  1. Restrict access to less-used services and ports.

  2. Two-factor authentication should be enabled.

  3. Keep antivirus protection up to date.

  4. Endpoint security protocols should be adopted.

  5. Actively formulate secondary practices.

This is how you can safeguard your network from ZombieBoy malware.
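One way to check a Windows host against measure 1, as an added example that is not part of the original article: it parses `netstat -ano` output and reports sockets for the two services named above (SMB and RDP) that are reachable from the network. The sample output, the function names and the use of the default ports 445 and 3389 are assumptions made for this illustration.

```python
import ipaddress

# Services the article lists as ZombieBoy's way in: SMB (CVE-2017-0143,
# CVE-2017-0146) and RDP (CVE-2017-9073), on their default TCP ports.
WATCHED = {445: "SMB", 3389: "RDP"}

# Constructed sample of `netstat -ano` output from a Windows host.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:3389         0.0.0.0:0              LISTENING       1120
  TCP    192.168.1.20:445       192.168.1.77:50122     ESTABLISHED     4
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     2464
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1500
"""

def split_endpoint(endpoint):
    """Split '0.0.0.0:445' or '[::]:445' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def audit(netstat_text):
    """Return (kind, service, local, peer, pid) for each exposed SMB/RDP socket."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # headers, blank lines, UDP rows (no state column)
        _, local, remote, state, pid = fields
        ip, port = split_endpoint(local)
        if port not in WATCHED:
            continue
        if state == "LISTENING" and not ip.is_loopback:
            # Bound to a non-loopback address: reachable from other machines.
            findings.append(("listener", WATCHED[port], local, None, int(pid)))
        elif state == "ESTABLISHED":
            # A peer currently holds a session to the local SMB/RDP port.
            findings.append(("inbound", WATCHED[port], local, remote, int(pid)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A listener on a host that has no business serving SMB or RDP is a candidate for disabling the service or blocking the port at the host firewall.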

Stay protected and guarded against any such malware. Keep following ‘How To Remove It’ for the latest updates and news.
