Updated July 18, 2019
Earlier this year, Berka’s modular scientists discovered it
It delivers eight different cryptocurrencies into the patient’s system
And corrupt add-ons that use UPNP and SMB protocols.
Written in C and co-authored with Mang’s GC, MA, Louvre and Velvorox, Kaspersky scientists found it in February last year.
Those who think they found backdoors in the test phase.
People request and receive revenue from the C2 server
TCP is part of determining what is harmful
Installation and operation of the equipment concerned
June 18. Sparsky Blogpost [Scientist Anton Kozminko.
According to Kaspersky, two subnets are registered below.
Back door treatment. The former only buys cryptocurrencies
The second uses a universal plug to clean mines and attachments.
Block network protocols and messages on the Internet server
The eight mines of Casparpark auto_proc, auto_kuda,
Auto_miner, Auto_opencl_amd, Auto_gpu_intel, auto_gpu_nvidia,
Auto_gpu_cuda – Auto_gpu_amd. Malware warns C2 server
Set up the system for the hunting machine and then go back.
Information on which of these eight plug-in mines to download.
The special purpose of the two plug-ins used by UPnP and SMB is to save space in the infected car network
Kuzmenko wrote that it spread like an insect. Kaspersky has determined that the UPnP plugin is compatible with NSA EternSilence.
The SMB module distributes malware with the benefits of the original NSA EternalW.