Continued WannaMine Activity
released on 2018-02-08 @ 02:13:30 PM
We are seeing a number of new WannaMine campaigns. Initial delivery is through backdoored games and malicious macro files.
The malware then propagates through the network using EternalBlue and Mimikatz, in a similar manner to NotPetya.
It installs Monero miners within the network, draining CPU resources.
The most recent command-and-control (C&C) domain was registered yesterday (7th February), and earnings were visible in the Monero pool shortly after.
Detected as MSH.Bluwimps by Symantec.