Adylkuzz, the latest zero-day threat malware, detected by DeepArmor Enterprise


By Bryan Lares and Marla Rosner

While the world has been fascinated with and affected by the ransom takeover of Wannacry, a worm that took advantage of gaps in Microsoft’s updated security patches, a new and more sophisticated variant has been playing out behind closed doors in the darknet.

Adylkuzz is different in that it doesn’t offer ransom notes or encrypt your files. It runs invisible in the background, using the NSA’s EternalBlue Exploit (CC-1353) that was made public by the hacking group Shadow Brokers earlier this year. Although it doesn’t operate at the same lightning speed as Wannacry, it’s just as threatening to corporations and the world of machine learning.

By leveraging the same Windows Exploit as Wannacry, Adylkuzz slips in and operates in the background of computers. Rather than sitting behind closed doors and solely hacking information, this malware installs “mines” that generate cryptocurrency, or digital money, called Monero. This currency is generated by computer power. The more powerful the computer, the more currency can be mined out.

SparkCognition has been on the forefront of cybersecurity, detecting and blocking Wannacry, Double Agent, and Popcorn Time malware with its use of its advanced cognitive security solution, DeepArmor.

DeepArmor is SparkCognition’s artificial intelligence powered endpoint security solution, using machine learning to detect cyber threats prior to them unraveling. In the case of Adylkuzz, DeepArmor’s Real-Time File Monitoring technology was able to detect and mitigate the undocumented threat autonomously. Because DeepArmor is an advanced form of cognitive endpoint detection, it was able to block this zero-day threat without any prior training, human interactions, or interventions.

By utilizing the power of both machine learning algorithms, DeepArmor detected an unknown file before it could plant a mine in the system. Adylkuzz goes beyond simply slowing down your computer system, as it silently mines and shells out cryptocurrency. This malware is intriguing to those inside the field because it blocks other viruses from infecting the computer while it’s mining, making it even more difficult to detect.

With the use of DeepArmor, which is trained with millions of malicious files for instances such as this, it detected the initial presence of the worm before the creator could drive any further action. If your system is under invisible attack by Adylkuzz, you’ll likely experience a loss of access to shared resources in Windows, along with the degradation of server performance.

Because it is less flashy than the workings of Wannacry, it can be harder to detect without the proper security measures in place. With DeepArmor, you can rest assured that your assets are being protected and your information and platforms aren’t being mined.

Adylkuzz predates Wannacry, as some researchers have noted its presence as early as April 24. With DeepArmor’s proprietary machine learning, it was able to detect the attempted presence of Adylkuzz within the system and shuts it down in a matter of seconds, not minutes. When dealing with malware, time is of the essence, and with DeepArmor, time is on your side.

Latest blogs

Abstract depiction of our Generative AI Platform created by DALL-E
Campbell LeFlore

What’s Inside our Generative AI Platform?

Perfected over ten years of real-world engagements serving many of the world’s largest brands in energy, manufacturing, transportation, utilities, financial services, and other industries, SparkCognition’s

Read More
Campbell LeFlore

The Top Challenges HSE Managers Face Today

HSE managers are the behind-the-scenes heroes enabling today’s high-throughput industrial environments to operate at peak performance. Their determined efforts ensure the well-being and protection of

Read More
SparkCognition is committed to compliance with applicable privacy laws, including GDPR, and we provide related assurances in our contractual commitments. Click here to review our Cookie & Privacy Policy.