Tencent Yujian: NSAMsdMiner uses Eternal Blue to attack the intranet and run the Monroe mining program

Recently, the Tencent Yujian Threat Intelligence Center has captured a new mining Trojan family that uses NSA weapons' Eternal Blue, Eternal Romance, Eternal Champion, and Double Pulsar to spread the attack. The attacker can completely control the poisoned computer, steal corporate confidential information, and use the poisoned computer resources to run the Monroe coin mining program, which also has the ability to hijack the work of other mining Trojans. It is reported that this attack mainly affects computers in Zhejiang, Guangdong and Hubei.