19th July, 2018 By James Quinn Alien Vault
Summary - Continuing the 2018 trend of cryptomining malware, I’ve found another family of mining malware similar to the “massminer” discovered in early May. I’m calling this family ZombieBoy since it uses a tool called ZombieBoyTools to drop the first dll.
ZombieBoy, like MassMiner, is a cryptomining worm that uses some exploits to spread. However, unlike MassMiner, ZombieBoy uses WinEggDrop instead of MassScan to search for new hosts. ZombieBoy is being continually updated, and I’ve been obtaining new samples almost daily.
Article Link - Read more
Glossary Blog Back to the Malware Manifesto