NSA 'DoubleStar' Backdoor Blamed for Cryptocurrency Mining Malware

A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency.

Jun 21, 2017 at 5:30 p.m. UTC
Updated Sep 11, 2021 at 1:28 p.m. UTC

A type of cryptocurrency mining malware has spread due to an exploit developed by the US National Security Agency, cybersecurity researchers say.

According to Dr.Web, a Russian anti-virus vendor, the NSA's "DoublePulsar" backdoor – which was leaked earlier this year by a group called the Shadow Brokers – allows the entry of a Trojan program that installs software to secretly mine the privacy-oriented digital currency monero.

In a 15th June blog post, Dr.Web laid out the nuts and bolts of the malware, noting:

"This malicious program, designed for mining the Monero (XMR) cryptocurrency, was dubbed Trojan.BtcMine.1259. Trojan.DownLoader24.64313 downloads the miner to a computer. This loader Trojan is distributed via the backdoor DoublePulsar."

It's not immediately clear how many machines have been infected with the malware due to the NSA exploit, and a representative for the company wasn't immediately available to comment when reached.

Wired reported in April that tens of thousands of machine were impacted following the exploit's release.

DoublePulsar has also been identified as a factor in the recent "WannaCry" ransomware attacks, which impacted hundreds of thousands of computers across the globe.

Image via Shutterstock

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
CoinDesk - Unknown
Former BitMEX CEO Arthur Hayes Sentenced to 2 Years Probation

Hayes pleaded guilty to one count of violating the Bank Secrecy Act (BSA) in February, and faced a sentence of up to 12 months in prison.

Hayes pleaded guilty to one count of violating the Bank Secrecy Act (BSA) in February, and faced a sentence of up to 12 months in prison.

CoinDesk - Unknown
2
CoinDesk - Unknown
Market Wrap: Cryptos Decline Amid Choppy Trading, DeFi Tokens Underperform

Aversion to risk remains as volatility returns to stocks and cryptos.

Aversion to risk remains as volatility returns to stocks and cryptos.

CoinDesk - Unknown
3
CoinDesk - Unknown
Travis Kling on Why a Decentralized Web 3 is Worth Fighting for

Plus more about Ikigai's new Web 3 venture fund.

Plus more about Ikigai's new Web 3 venture fund.

CoinDesk - Unknown
4
CoinDesk - Unknown
Las criptomonedas deberían cumplir con las mismas normas que las finanzas regulares, dice el G7

Los ministros de Economía y Finanzas quieren que la estabilidad financiera y los estándares de lavado de dinero entren en vigencia pronto, considerando la reciente agitación del mercado.

Los ministros de Economía y Finanzas quieren que la estabilidad financiera y los estándares de lavado de dinero entren en vigencia pronto, considerando la reciente agitación del mercado.

CoinDesk - Unknown