EternalRocks: Might be worse than ‘WannaCry’ Malware

arrunadayy No comments exist

A new form of malware which uses the NSA’s leaked hacking tools has been discovered. This malware is called EternalRocks and uses seven exploits leaked in April by the Shadow Brokers.

The Shadow Brokers obtained the exploits after they reportedly hacked the NSA, and their posting led to the creation of the WannaCry ransomware.

While EternalRocks uses seven of the leaked exploits, WannaCry only used two.

Miroslav Stampar, a cybersecurity expert for Croatia’s Government CERT, discovered EternalRocks last week and tracked the first attacks to 3 May, stated the report.

EternalRocks

EternalRocks uses the following NSA tools leaked by the Shadow Brokers:

EternalBlue
DoublePulsar
EternalChampion
EternalRomance
EternalSynergy
ArchiTouch
SMBTouch

EternalRocks Miroslav

“The majority of the tools exploit vulnerabilities with standard file sharing technology used by PCs called Microsoft Windows Server Message Block, which is how WannaCry spread so quickly,” stated by security Experts. Microsoft patched the vulnerabilities in March, but many PCs remain at risk due to users not updating their OS.

Where EternalRocks differs from WannaCry is that it has not alerted victims to a ransomware infection – it remains hidden, downloads Tor, and sends a signal to the worm’s servers.

From there, the server responds and starts downloading and self-replicating.

EternalRocks Stamper

The report warned that EternalRocks can be “activated at any time”, and what its ultimate attack will be is not known at this stage.

Subscribe our Youtube Channel

Leave a Reply

Your email address will not be published. Required fields are marked *