Share this article
NSA 'DoubleStar' Backdoor Blamed for Cryptocurrency Mining Malware
A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency.
By Wolfie Zhao
Updated Sep 11, 2021, 1:28 p.m. Published Jun 21, 2017, 5:30 p.m. 1 min read
A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency, cybersecurity researchers say.
According to Dr.Web, a Russian anti-virus vendor, the NSA's "DoublePulsar" backdoor – which was leaked earlier this year by a group called the Shadow Brokers – allows the entry of a Trojan program that installs software to secretly mine the privacy-oriented digital currency monero.
In a 15th June blog post, Dr.Web laid out the nuts and bolts of the malware, noting:
"This malicious program, designed for mining the Monero (XMR) cryptocurrency, was dubbed Trojan.BtcMine.1259. Trojan.DownLoader24.64313 downloads the miner to a computer. This loader Trojan is distributed via the backdoor DoublePulsar."
It's not immediately clear how many machines have been infected with the malware due to the NSA exploit, and a representative for the company wasn't immediately available to comment when reached.
Wired reported in April that tens of thousands of machine were impacted following the exploit's release.
DoublePulsar has also been identified as a factor in the recent "WannaCry" ransomware attacks, which impacted hundreds of thousands of computers across the globe.
Image via Shutterstock
More For You
"An Agreement has been largely negotiated, subject to finalization between the United States of America, the Islamic Republic of Iran, and the various other Countries," wrote President Trump late Saturday afternoon.
What to know:
- Down sharply earlier Saturday, bitcoin moved to gains on the day after President Trump announced a peace agreement with Iran and other Middle Eastern countries.
- As part of the deal, Trump said, the Strait of Hormuz will be reopened.
Top Stories
