virus logo Intrusion Prevention

Adylkuzz.Botnet

description-logoDescription

This indicates that a system might be infected by Adylkuzz Botnet.
Adylkuzz infects computers by using the EternalBlue exploit, which leverages a vulnerability (MS17-010) in Microsoft Server Message Block. Once a system is infected, the malware will use the victim's computer to mine cryptocurrencies such as Monero.

affected-products-logoAffected Products

Any unprotected Windows system is vulnerable

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

If required, the signature's action can be set to "Block".
Please use Anti-Virus software to scan and clean the infected computer.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://www.proofpoint.com/us/threat-insight/post/adylkuzz-cryptocurrency-mining-malware-spreading-for-weeks-via-eternalblue-doublepulsar
ID 44036
Created May 25, 2017
Updated May 25, 2017
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID
Default Action pass
Active
Affected OS Windows
Affected App Other