. home.aspx

NEWS

home.aspx
   


PyRoMineIoT cryptojacker uses NSA exploit to spread

June 18, 2018 / Michael Heller

The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages. A new malware variant reads like the greatest hits of cyberthreats: a cryptojacker using an NSA exploit to scan for IoT devices with hardcoded passwords to spread and distribute the miner. And according to experts, there's blame to be had on all sides. Researchers at Fortinet's FortiGuard Labs have been tracking Python-based malware that uses the EternalRomance National Security Agency (NSA) exploit to spread and install a cryptominer -- hence, PyRoMine. And, now, the researchers found a variant that directly targets IoT devices, which they call PyRoMineIoT. Jasper Manuel, a malware researcher at Fortinet, based in Sunnyvale, Calif., wrote in a blog post that PyRoMine and PyRoMineIoT malware don't need Python to be installed on the target systems, and PyRoMineIoT uses the EternalRo...