Zealot
A sophisticated multi-staged cryptojacking malware campaign that targets internal networks with the NSA-attributed EternalBlue and EternalSynergy exploits. Zealot allows its creators to hijack CPU power of compromised systems to mine Monero, a cryptocurrency designed for privacy and anonymity.
By leveraging the NSA-attributed exploits EternalBlue and EternalSynergy, Zealot can move laterally through a compromised network without the need for user interaction.
Key Features
Exploits Windows and Linux servers vulnerable to:
CVE-2017-5638: Apache Struts Jakarta Multipart Parser attack
CVE-2017-9822: DotNetNuke (DNN) content management system vulnerability
EternalBlue and EternalSynergy exploits
PowerShell agent for Windows
Python agent for Linux/OS X
Uses the EmpireProject post-exploitation framework
Mines Monero
Products sold by OpenVault are for entertainment and educational purposes only. Customers are purchasing a physical copy of digital artwork (Software box).