Markets
Share this article

NSA 'DoubleStar' Backdoor Blamed for Cryptocurrency Mining Malware

A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency.

By Wolfie Zhao
Updated Sep 11, 2021, 1:28 p.m. Published Jun 21, 2017, 5:30 p.m.
computer, code

A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency, cybersecurity researchers say.

According to Dr.Web, a Russian anti-virus vendor, the NSA's "DoublePulsar" backdoor – which was leaked earlier this year by a group called the Shadow Brokers – allows the entry of a Trojan program that installs software to secretly mine the privacy-oriented digital currency monero.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

In a 15th June blog post, Dr.Web laid out the nuts and bolts of the malware, noting:

"This malicious program, designed for mining the Monero XMR$449.91 cryptocurrency, was dubbed Trojan.BtcMine.1259. Trojan.DownLoader24.64313 downloads the miner to a computer. This loader Trojan is distributed via the backdoor DoublePulsar."

It's not immediately clear how many machines have been infected with the malware due to the NSA exploit, and a representative for the company wasn't immediately available to comment when reached.

Wired reported in April that tens of thousands of machine were impacted following the exploit's release.

DoublePulsar has also been identified as a factor in the recent "WannaCry" ransomware attacks, which impacted hundreds of thousands of computers across the globe.

Image via Shutterstock

CrimeMining MalwareNewsWannaCryNSADoubleStarTechnology News

More For You

KuCoin Hits Record Market Share as 2025 Volumes Outpace Crypto Market

By CoinDesk Research
Dec 22, 2025
logo
Commissioned byKuCoin
16:9 Image

KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.

What to know:

  • KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
  • This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
  • Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
  • Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
  • Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
View Full Report

More For You

How a 'perpetual’ stock trick could solve Michael Saylor’s $8 billion debt problem

By James Van Straten|Edited by Nikhilesh De
4 hours ago
Strive CEO Matt Cole speaks at BTC Asia in Hong Kong (screenshot)

The bitcoin treasury firm is using perpetual preferreds to retire convertibles, offering a potential framework for managing long-dated leverage.

What to know:

  • Strive upsized its SATA follow on offering beyond $150 million, pricing the perpetual preferred at $90.
  • The structure offers a blueprint for replacing fixed maturity convertibles with perpetual equity capital that removes refinancing risk.
  • Strategy has a $3 billion convertible tranche due in June 2028 with a $672.40 conversion price, which could be addressed using a similar preferred equity approach.
Read full story