Another emerging malware that is making its way around the globe searches out targets with open SMB Port 445 and exploits the NSA leaked double pulsar exploit to automatically infect a vulnerable target over the internet and also behind firewalls once a compromised device traverses into a private network such as a home or office secured network. What is unique about the Adylkuzz malware is that it closes off port 445 once it infects a target, which prevents the Wanna Cry malware from taking hold and encrypting a victims files. Adylkuzz generates revenue for its make by supporting the Crypto Currency peer to peer exchange. Details are emerging about this new malware, but in my opinion, it is much worse to lose all of your files due to them being encrypted beyond recovery as opposed to having your computer slowed down as it becomes part of the peer to peer crypto currency exchange market. Had Adylkuzz not been released weeks prior, the number of Wanna Cry infections would likely be much greater.
Microsoft released a security bulletin about Adylkuzz on April 28th, 2017, but this malware has been propagating for weeks now and is believed to soon overtake Wanna Cry.
I wonder if the NSA designed this malware to take out Wanna Cry and collect data on the Bitcoin currency exchange market? Hmm…. time will tell as always.