 "After WannaCry attack, reserachers find new ransomware 'EternalRocks'")
EternalRocks, a new strain of malware, has been identified by the researchers that target the same vulnerability that wrecked havoc worldwide by 'WannaCry' ransomware, a media report said.
EternalRocks exploits the same vulnerability in Windows that helped WannaCry spread to computers. The malware includes far more threats than WannaCry, making it potentially tougher to fight.
Like the original ransomware, known as WannaCry, EternalRocks uses an NSA tool known as EternalBlue to spread itself from one computer to the next through Windows. But it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry), Fortune reported.
In its current form, EternalRocks does not have any malicious elements; it does not lock or corrupt files or use compromised machines to build a botnet. But that's not particularly reassuring because EternalBlue leaves infected computers vulnerable to remote commands that could 'weaponize' the infection at any time.
WannaCry has hit over 150 countries, including India and affected over 240,000 machines, primarily those running unpatched versions of Windows 7. It encrypts files on infected machines and demands payment for unlocking them.
EternalRocks is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.
EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted.
The researcher who found EternalRocks does not claim that it has spread very far yet, but it's just one example of a wave of new malware based on the NSA-authored exploits. The consequences have already been serious, and they could get worse.
The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe.
First it was WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them.
WannaCry had some loopholes that made it easier to slow and circumvent.
Over 48,000 attempts of ransomware attacks were detected in India. With 60 per cent of the attempts targeted enterprises, while 40 per cent were on individual customers, a cyber security firm, Quick Heal Technologies had said.
EternalRocks exploits the same vulnerability in Windows that helped WannaCry spread to computers. The malware includes far more threats than WannaCry, making it potentially tougher to fight.
Like the original ransomware, known as WannaCry, EternalRocks uses an NSA tool known as EternalBlue to spread itself from one computer to the next through Windows. But it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry), Fortune reported.
In its current form, EternalRocks does not have any malicious elements; it does not lock or corrupt files or use compromised machines to build a botnet. But that's not particularly reassuring because EternalBlue leaves infected computers vulnerable to remote commands that could 'weaponize' the infection at any time.
WannaCry has hit over 150 countries, including India and affected over 240,000 machines, primarily those running unpatched versions of Windows 7. It encrypts files on infected machines and demands payment for unlocking them.
EternalRocks is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.
EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted.
The researcher who found EternalRocks does not claim that it has spread very far yet, but it's just one example of a wave of new malware based on the NSA-authored exploits. The consequences have already been serious, and they could get worse.
The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe.
First it was WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them.
WannaCry had some loopholes that made it easier to slow and circumvent.
Over 48,000 attempts of ransomware attacks were detected in India. With 60 per cent of the attempts targeted enterprises, while 40 per cent were on individual customers, a cyber security firm, Quick Heal Technologies had said.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →*Subscribe to Business Standard digital and get complimentary access to The New York Times
Smart Quarterly
₹900
3 Months
₹300/Month
SAVE 25%
Smart Essential
₹2,700
1 Year
₹225/Month
SAVE 46%
*Complimentary New York Times access for the 2nd year will be given after 12 months
Super Saver
₹3,900
2 Years
₹162/Month
Subscribe
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app
SAVE 25%