EternalRocks: Might be worse than ‘WannaCry’ Malware

A new form of malware which uses the NSA’s leaked hacking tools has been discovered. This malware is called EternalRocks and uses seven exploits leaked in April by the Shadow Brokers.

The Shadow Brokers obtained the exploits after they reportedly hacked the NSA, and their posting led to the creation of the WannaCry ransomware.

While EternalRocks uses seven of the leaked exploits, WannaCry only used two.

Miroslav Stampar, a cybersecurity expert for Croatia’s Government CERT, discovered EternalRocks last week and tracked the first attacks to 3 May, stated the report.


EternalRocks uses the following NSA tools leaked by the Shadow Brokers:


EternalRocks Miroslav

“The majority of the tools exploit vulnerabilities with standard file sharing technology used by PCs called Microsoft Windows Server Message Block, which is how WannaCry spread so quickly,” stated by security Experts. Microsoft patched the vulnerabilities in March, but many PCs remain at risk due to users not updating their OS.

Where EternalRocks differs from WannaCry is that it has not alerted victims to a ransomware infection – it remains hidden, downloads Tor, and sends a signal to the worm’s servers.

From there, the server responds and starts downloading and self-replicating.

EternalRocks Stamper

The report warned that EternalRocks can be “activated at any time”, and what its ultimate attack will be is not known at this stage.

Subscribe our Youtube Channel

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Welcome to Defenx Solution

If you need any info or details please do connect with us through any medium below. We will try to get in touch with you as early as possible.

Contact Form

or reach me via these social channels

Contact Us