According to her telemetry ESET, attacks based on EternalBlue exploit have reached historically high levels, with users being bombarded with hundreds of thousands of attacks each day.
Since then, efforts to exploit this vulnerability by this exploit have increased significantly, and at the moment, they are at their peak, as reported by researchers of ESET.
The EternalBlue exploit was allegedly stolen from the NSA in 2016 and was made public on April 14, 2017 by a cybercriminal group known as Shadow Brokers. Το exploit στοχεύει σε μια ευπάθεια στην εφαρμογή του πρωτοκόλλου SMB (Server Message Block), μέσω της θύρας 445.
Although Microsoft had released a patch, and even before the launch of WannaCryptor 2017, there are still vulnerable systems around the world today, possibly due to inadequate security practices and patch updates.
EternalBlue is responsible for many cyber-attacks, such as Diskcoder.C (also known as Petya, NotPetya and ExPetya) and BadRabbit in 2017. Also, well-known cybercriminals such as the Sednit group (aka APT28, Fancy Bear and Sofacy) have used it to attack networks Hotel Wi-Fi. Recently, EternalBlue was held responsible for the spread of Trojans and cryptocurrency mining malware in China.
According to ESET researchers, this exploit and all cyber attacks emphasize the importance of timely patching. In addition, they emphasize the need for a reliable and multilevel security solution that can do much more than just stop transport of the malevolent benefic loady, such as to protect against the underlying mechanism.
- Anonymous: the end of hacking
- Microsoft, Sony collaboration for game-streaming
- Google Chrome Canary: new configuration page