C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
Beapy: Cryptojacking Worm Hits Enterprises in China
Cryptojacking campaign we have dubbed Beapy is exploiting the EternalBlue exploit and primarily impacting enterprises in China. Beapy is a cryptojacking campaign impacting enterprises that uses the EternalBlue exploit and stolen and hardcoded credentials to spread rapidly across networks. Beapy activity was first seen in Symantec telemetry in January 2019. This activity has also been seen on web servers and has been increasing since the beginning of March. Beapy (W32.Beapy) is a file-based coinminer that uses email as an initial infection vector. This campaign demonstrates that while cryptojacking has declined in popularity with cyber criminals since its peak at the start of 2018, it is still a focus for some of them, with enterprises now their primary target. Almost all of Beapy’s victims are enterprises (Figure 1). Beapy may indicate a continuation of a trend demonstrated by the Bluwimps worm (MSH.Bluwimps) in 2018 and which we mentioned in ISTR 24—an increased focus by cryptojacking criminals on enterprises. While we have no evidence these attacks are targeted, Beapy’s wormlike capabilities indicate that it was probably always intended to spread throughout enterprise networks.
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.