The malware also uses the DoublePulsar and EternalBlue exploits to create backdoors. Because it can create multiple backdoors, it opens the gate for other malware infections such as keyloggers, ransomware, and similar malicious software. This further increases its chances of successfully compromising the system, while making it much more difficult for security experts to identify and remove the infection.
What makes the malware even harder to detect is that it does not run on virtual machines (VMs), which makes it difficult for security experts to capture it or reverse engineer it. This is why developing a strategy to address the threat has become a troubling problem for researchers.
There are several measures that companies can take to stop threats like ZombieBoy, or at least to limit the risk. According to security researchers at IBM, it is important to block C&C traffic, because ZombieBoy uses exploits like EternalBlue and DoublePulsar, which rely on C&C traffic.
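In practice, "blocking C&C traffic" for a miner whose command servers are not yet known means a default-deny egress policy: outbound connections are permitted only to allow-listed destinations, and SMB (TCP 445, the service EternalBlue targets) is never allowed to leave the perimeter. The following is an added example, not code from the article or from IBM's research; the log format, the network ranges, and the allow-list are constructed for illustration.

```python
"""Egress-policy check over constructed firewall log lines.

Added example (not from the article or IBM's research). It flags outbound
flows an egress policy would block: SMB (TCP 445/139) leaving the internal
network, which EternalBlue/DoublePulsar ride on, and outbound connections to
destinations not on the allow-list, which is how C&C traffic from a
compromised host is cut off even before its servers are identified.
"""
import ipaddress
from dataclasses import dataclass

# Constructed sample lines (not real telemetry) in a simple
# "timestamp src:sport -> dst:dport proto" format.
SAMPLE_LOG = """\
2018-08-01T10:00:01 10.0.0.12:49152 -> 10.0.0.5:445 tcp
2018-08-01T10:00:02 10.0.0.12:49153 -> 203.0.113.10:445 tcp
2018-08-01T10:00:03 10.0.0.12:49154 -> 198.51.100.7:8080 tcp
2018-08-01T10:00:04 10.0.0.12:49155 -> 192.0.2.20:443 tcp
2018-08-01T10:00:05 10.0.0.13:49156 -> 192.0.2.20:80 tcp
"""

# Hypothetical internal address space of the organisation.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
# Hypothetical egress allow-list: (destination, port) pairs that may be reached.
# Everything else outbound is denied by default.
ALLOWED_EGRESS = {("192.0.2.20", 443)}
# SMB ports must never leave the perimeter; 445 is what EternalBlue exploits.
NEVER_EGRESS_PORTS = {445, 139}


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    sport: int
    dst: str
    dport: int
    proto: str


def parse_line(line):
    """Parse one constructed log line into a Flow."""
    ts, src, _arrow, dst, proto = line.split()
    s_ip, s_port = src.rsplit(":", 1)
    d_ip, d_port = dst.rsplit(":", 1)
    return Flow(ts, s_ip, int(s_port), d_ip, int(d_port), proto)


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def evaluate(flow):
    """Return None if the flow is permitted, else the reason it is blocked."""
    # Only traffic leaving the internal network is subject to the egress policy;
    # internal-to-internal SMB (file sharing) is a segmentation question, not egress.
    if not is_internal(flow.src) or is_internal(flow.dst):
        return None
    if flow.dport in NEVER_EGRESS_PORTS:
        return "smb-egress"
    if (flow.dst, flow.dport) not in ALLOWED_EGRESS:
        return "not-allow-listed"
    return None


def blocked_flows(log_text):
    """Run the policy over a log and return (src, dst, dport, reason) for blocked flows."""
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        flow = parse_line(line)
        reason = evaluate(flow)
        if reason:
            results.append((flow.src, flow.dst, flow.dport, reason))
    return results


if __name__ == "__main__":
    for src, dst, dport, reason in blocked_flows(SAMPLE_LOG):
        print(f"BLOCK {src} -> {dst}:{dport} ({reason})")
```

Run against the sample, the policy permits the internal SMB flow and the allow-listed HTTPS connection, and blocks the external SMB attempt and the two connections to destinations not on the allow-list. Note that a default-deny egress rule limits what a compromised host can reach outward; it does not stop EternalBlue spreading between internal hosts, which is a matter of patching and network segmentation.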
Another remedy is to develop smart, integrated security systems that can respond to multiple threats, from DDoS to cryptomining and ransomware. This can be ensured by enabling 2FA and developing stronger web application firewalls.