Six of these NSA tools were used by the US agency to carry out cybersquatting actions and would have been leaked by hacking group ShadowBrokers. According to Stampar, EternalRocks exploits the vulnerabilities in Windows regarding the SMB network protocol, using the exploits EternalBlue, EternalChampion, EternalRomance, EternalSynergy, SMBTouch, ArchiTouch and DoublePulsar. Proof of the enormous power of this new virus is that with just two of these tools, EternalBlue and DoublePulsar, WannaCry was able to sow chaos in several major international companies. In fact, the discoverer of this new worm is declared “scared” after having verified that someone has been able to package “successfully” and “professional” all the exploits that attack the SMB protocol.
A Hidden Virus
Miroslav Stampar explained that EternalRocks is currently in a phase of “propagation”, waiting for “more command and control updates”, which means that at any time can be activated. The “malware” starts to download the exploits 24 hours later, after which it initiates a signal to the other affected servers. At the moment, this new virus remains hidden in computers. Unlike “WannaCry” it does not activate any “ransomware” that warns the owner of the attacked team that it has a virus. Moreover “I think this is just the beginning,” Stampar said. So, what do you think about this new dangerous malware? Simply share your views and thoughts in the comment section below.
Δ