
Beapy: new malware that mines Monero

As reported by the security company Symantec, a new piece of malware named Beapy is in circulation. It falls into the cryptojacking category and is used to mine Monero, which the hackers probably chose for its anonymity.

Beapy was discovered by Symantec last April 1st and has been identified as a Windows malware. Beapy mainly targets companies and uses the EternalBlue exploit, which, according to many people, was developed by the American NSA as a means of stealing credentials and quickly spreading throughout the company network.

The malware, sent via an Excel attachment, downloads the DoublePulsar backdoor to the victim’s computer, allowing remote commands to be executed. In addition, exploiting the vulnerability in the Windows SMB protocol allows it to spread throughout the affected network.

With the above command, the computer contacts the Beapy C&C server, where other commands leading to the download of the Monero coinminer are executed and the whole process is repeated on all computers in the network.
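The SMB-based spreading described above is visible to defenders as one internal host opening port 445 connections to many internal peers in a short time. The following sketch of that check is an added example, not code from Symantec or from this article; the flow records, the 5-minute window and the threshold of 5 peers are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address

# Constructed sample flows: (timestamp, source, destination, destination port).
T0 = datetime(2019, 4, 25, 9, 0, 0)
SAMPLE_FLOWS = (
    # One workstation reaching six different peers on 445 within a minute.
    [(T0 + timedelta(seconds=10 * i), "10.0.5.23", f"10.0.5.{100 + i}", 445)
     for i in range(6)]
    # A normal client talking repeatedly to a single file server.
    + [(T0 + timedelta(minutes=i), "10.0.5.40", "10.0.5.10", 445)
       for i in range(3)]
    # Five different peers, but spread over several hours.
    + [(T0 + timedelta(hours=i), "10.0.5.41", f"10.0.5.{200 + i}", 445)
       for i in range(5)]
    # Non-SMB traffic, ignored by the check.
    + [(T0, "10.0.5.23", "10.0.5.10", 443)]
)

def smb_fanout(flows, window=timedelta(minutes=5), threshold=5):
    """Map each source to its peak count of distinct internal SMB peers
    inside any sliding window, keeping only sources at or above threshold."""
    per_src = defaultdict(list)
    for ts, src, dst, port in flows:
        # Only internal-to-internal SMB (TCP 445) counts as lateral movement.
        if port == 445 and ip_address(src).is_private and ip_address(dst).is_private:
            per_src[src].append((ts, dst))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        start, peak = 0, 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            peak = max(peak, len({dst for _, dst in events[start:end + 1]}))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

if __name__ == "__main__":
    for host, peers in smb_fanout(SAMPLE_FLOWS).items():
        print(f"{host}: {peers} distinct SMB peers within 5 minutes")
```

Hosts that legitimately fan out over SMB, such as backup or management servers, would need to be allow-listed before alerting on this.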

According to data gathered from the malware’s behaviour, Beapy mainly affected Asian regions such as China (80%), Japan (4%), South Korea (3%) and Hong Kong (2%).

Alfredo de Candia