Newly identified ransomware ‘EternalRocks’ is more dangerous than ‘WannaCry’

Wanacry-2-696x365

After a host of different ransomware attacks that hit enterprises across the globe, security researchers have now identified a new strain of malware “EternalRocks” that is more dangerous than WannaCry and is potentially tougher to fight.

According to the researchers, “EternalRocks” exploits the same vulnerability in Windows that helped WannaCry spread to computers. It also uses a NSA tool known as “EternalBlue” for proliferation, Fortune reported on Sunday.

You will be shocked to know that the ‘EternalRocks’ ransomware is more dangerous than WannaCry and it is potentially tougher to fight. The new ransomware leaves computers vulnerable to remote commands that could ‘weaponise’ the infection anytime.

EternalRocks /Doomsday worm uses six/seven NSA exploits (WannaCry used two).

“…it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry),” the report said. In its current form, “EternalRocks” does not have any malicious elements — it does not lock or corrupt files, or use compromised machines to build a botnet, but leaves infected computers vulnerable to remote commands that could ‘weaponise’ the infection at any time.

“EternalRocks” is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware. EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted.The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe.

First it was WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them.

WannaCry had some loopholes that made it easier to slow and circumvent. After facing a massive “WannaCrypt” ransomware attack, another type of malware quietly started generating digital cash from machines it infected.

Tens of thousands of computers were affected globally by the “Adylkuzz attack” that targeted machines, let them operate and only slowed them down to generate digital cash or “Monero” cryptocurrency in the background. “Monero” being popularised by North Korea-linked hackers — is an open-source cryptocurrency created in April 2014 that focuses on privacy, decentralisation and scalability.

Advertisements
This entry was posted in EternalRocks and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s