ZombieBoy: Crypto World Stands On High ALERT!
ZombieBoy is a new crypto-mining malware that was discovered earlier this week. It has taken the crypto world by storm and made huge news.
Initially, this malware was mining $1000 per month. James Quinn, a private security researcher, revealed the threat of this malware.
Twitter was flooded with the news; to quote one reliable source:
“Multiple CVEs exploited by the New Crypto-Mining Malware: ZombieBoy”
How did ZombieBoy get its name?
The name comes from its use of the ZombieBoy Tools kit, a kit the malware author uses to drop the first .DLL file.
It is somewhat similar to Massminer: to infect the next victim, this malware uses WinEggDrop.
As reported by Quinn,
ZombieBoy malware was collecting around $1000 in cryptocurrency every 30 days. Traces led back to the Monero mining pool (MineXMR) before a recent closure of its address.
Because of its use of simple Mandarin, this malware can be traced to its origin: China. Monero [XMR] and Zcash [ZEC] are its most common targets.
This malware attacks certain weak points when targeting a victim. They are:
- CVE-2017-9073: a Remote Desktop Protocol (RDP) vulnerability on Windows XP and Windows 2003.
- CVE-2017-0146 and CVE-2017-0143: vulnerabilities in Server Message Block (SMB).
To gain control over a machine/device:
ZombieBoy uses DoublePulsar and EternalBlue, which were developed by the NSA [National Security Agency].
Consequences:
Encoded with Themida
Themida prevents ZombieBoy from being traced back, as it blocks the malware from running on a virtual machine. This makes it impossible for engineers to trace it back. It also highlights the countermeasures that can be developed, along with their effectiveness.

‘IRON TIGER APT’ introduced:
According to recent reports, ZombieBoy has been connected with ‘IRON TIGER APT’, a similar malware of the same origin, and also with a version of Gh0stRAT. The appearance of more such malware originating in China indicates continuing resolution and evolution.
How To Protect Against ZombieBoy
Countermeasures:
If you are a company looking to protect your machines from ZombieBoy malware, here are a few measures that you can take:
- Restrict access to less-used services and ports.
- Enable two-factor authentication.
- Keep antivirus protection up to date.
- Put endpoint safety protocols in place.
- Actively formulate secondary practices.
This is how you can safeguard your network from ZombieBoy malware.
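The article names SMB and RDP as the services ZombieBoy attacks. The following is an added example, not code from the original article or from Quinn's report: a small detector that flags an internal host contacting several machines on those services within a short time. The log layout, the thresholds, the name `find_fanout`, the standard ports 445 and 3389, and the idea that an infected host reaching for its next victims looks like this fan-out are all assumptions of the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Standard ports for the two services the article says ZombieBoy attacks.
WATCHED_PORTS = {445: "SMB", 3389: "RDP"}
# Assumed log layout (constructed, not a real product's format):
#   <ISO time> <ALLOW|DENY> TCP <src>:<sport> -> <dst>:<dport>
LINE_RE = re.compile(r"^(\S+) (?:ALLOW|DENY) TCP ([\d.]+):\d+ -> ([\d.]+):(\d+)$")

def find_fanout(lines, min_targets=3, window=timedelta(seconds=60)):
    """Return {(src, service): peak distinct destinations inside `window`}
    for sources that reach at least `min_targets` hosts on a watched port."""
    events = defaultdict(list)  # (src, service) -> [(time, dst), ...]
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed or unrelated lines
        ts, src, dst, port = m.groups()
        service = WATCHED_PORTS.get(int(port))
        if service:  # blocked (DENY) attempts count as well
            events[(src, service)].append((datetime.fromisoformat(ts), dst))
    alerts = {}
    for key, seen in events.items():
        seen.sort()
        peak = start = 0
        for end in range(len(seen)):
            # Advance the left edge until the span fits inside `window`.
            while seen[end][0] - seen[start][0] > window:
                start += 1
            peak = max(peak, len({dst for _, dst in seen[start:end + 1]}))
        if peak >= min_targets:
            alerts[key] = peak
    return alerts

# Constructed sample: .23 sweeps SMB in seconds, .7 makes one RDP session,
# .9 touches three file servers minutes apart (normal use, not flagged).
SAMPLE_LOG = [
    "2018-07-20T10:00:01 ALLOW TCP 10.0.0.23:49211 -> 10.0.0.40:445",
    "2018-07-20T10:00:02 DENY TCP 10.0.0.23:49212 -> 10.0.0.41:445",
    "2018-07-20T10:00:03 DENY TCP 10.0.0.23:49213 -> 10.0.0.42:445",
    "2018-07-20T10:00:05 ALLOW TCP 10.0.0.7:50100 -> 10.0.0.50:3389",
    "2018-07-20T10:05:00 ALLOW TCP 10.0.0.9:51000 -> 10.0.0.40:445",
    "2018-07-20T10:09:00 ALLOW TCP 10.0.0.9:51001 -> 10.0.0.41:445",
    "2018-07-20T10:13:00 ALLOW TCP 10.0.0.9:51002 -> 10.0.0.42:445",
]

if __name__ == "__main__":
    print(find_fanout(SAMPLE_LOG))
```

The time window is what separates the rapid sweep from the slow file-server client; tune `min_targets` and `window` to the traffic your own network normally produces.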
Stay Protected and Guarded against any such malware. Keep following ‘How To Remove It’ for the latest updates and news.