MyKingz Using Taylor Swift Image to Spread - Binary Defense

Threat Watch


The prolific mining botnet MyKingz has begun using an interesting and funny technique to hide its malicious payloads. By embedding the executable into JPEGs of Taylor Swift, the malware attempts to evade detection products. While this isn’t a huge risk, it does add to the growing problem of MyKingz, which earns an estimated profit of $300 per day.
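A defender-side check for the technique described above, added here as an example and not taken from Binary Defense or from any MyKingz sample: it flags files that start as a JPEG but contain a structurally valid Windows PE header. It assumes the executable is stored unencoded inside the image; the function names, the `e_lfanew` bound and all sample bytes are constructed for illustration.

```python
import struct

JPEG_SOI = b"\xff\xd8\xff"  # JPEG start-of-image marker plus first byte of next marker

def find_embedded_pe(data: bytes) -> list[int]:
    """Return offsets of plausible PE images inside a JPEG byte string."""
    if not data.startswith(JPEG_SOI):
        return []  # not a JPEG: out of scope for this check
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        # e_lfanew (offset 0x3C of the DOS header) points at the "PE\0\0" signature
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # Upper bound 0x1000 is an assumed heuristic to limit false positives
            if 0x40 <= e_lfanew < 0x1000 and data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def _constructed_pe_stub() -> bytes:
    """Constructed 0x84-byte stub: DOS header plus PE signature, no code."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    return bytes(dos) + b"PE\0\0"

def _constructed_jpeg() -> bytes:
    """Constructed JPEG-like stream: SOI, APP0/JFIF segment, filler, EOI."""
    app0 = b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    return b"\xff\xd8" + app0 + b"\x00" * 32 + b"\xff\xd9"

CLEAN = _constructed_jpeg()
# A stray "MZ" in image data shows the two-byte magic alone is not flagged
DECOY = CLEAN[:-2] + b"MZ" + b"\x00" * 0x50 + b"\xff\xd9"
SUSPECT = CLEAN + _constructed_pe_stub()

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("decoy", DECOY), ("suspect", SUSPECT)):
        print(name, [hex(o) for o in find_embedded_pe(blob)])
```

A hit means the file deserves a closer look, not that it is malicious; an encoded or encrypted payload would not match this check.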

ANALYST NOTES

MyKingz’ primary means of lateral movement is EternalBlue. Additionally, MyKingz brute-forces weak passwords to gain access to vulnerable systems. Patching systems for MS17-010 and using strong passwords will protect systems from the MyKingz botnet. If patches cannot be applied in a timely manner, making sure that port 445 is inaccessible from the internet is a quick fix to the issue as well.
