Though not weaponized and malicious as of yet, EternalRocks is a worm that could potentially do more damage than the WannaCry ransomware on which it is based, because it utilizes more of the NSA-leaked Windows exploits than its predecessor.
Remember Fast And Furious 7, where Jason Statham entered the franchise as the “big bad brother” of the last villain and wreaks havoc like a one-man army? Turns out the “big bad brother” isn’t a unique theme to Fast and Furious. WannaCry attacks have died out, and the media buzz about the ransomware has faded. Attempts to contain it have been successful, and Fed-Ex has updated their computers. All is well in the world. Then… enter big brother.
It’s called the EternalRocks worm, a program that penetrates a computer system and replicates itself on to other computers. It hasn’t done much damage yet as far as cyber crime goes, according to sources from fortune.com, because there are no malicious elements as of today. The reason it has potential to be so dangerous is that it utilizes 7 exploits that were leaked from the NSA. WannaCry uses only 2. Like its predecessor, EternalRocks employs EternalBlue to spread between Windows computers, but it also uses 6 other tools from the NSA. Here is a short descriptive list below.
These are the two used by the WannaCry Ransomware:
- EternalBlue: this exploits a vulnerability in Microsoft’s Server Message Block (SMB), used to remote target the computer
- DoublePulsar: a backdoor implant used to bypass computer security
Here are the other 5 tools, which are all similar to EternalBlue in that they are SMB exploits:
- EternalChampion
- EternalRomance
- EternalSynergy
- SMBTouch
- ArchiTouch
If we look back to when the leaked vulnerabilities were first released by the ShadowBrokers (a hacker group), they weren’t utilized for a while, and Microsoft released security patches weeks before anything happened. But when the WannaCry attacks started, so many companies and individuals were hugely affected (If you still haven’t updated, do it now. Like, stop reading this and spend the time updating your OS). When the exploits were finally weaponized, those too slow to take the necessary precautions felt the impact.
Like the WannaCry Ransomware, EternalRocks has been crafted from the leaked exploits of the NSA and has the potential to be weaponized and used to hack many unsuspecting computers. Sources from CBSNews predict that losses from the attacks could be as high as $4 billion. And if WannaCry did that with two, imagine what 5 more exploits could do if they were added to the mix. It’s not going to hit yet, but we should be expecting attacks that utilize this. In fact, we should always be expecting cyberattacks to surface, and be ready to ward them off when they do. I mean, Jason Statham beat up The Rock, and it wasn’t even a surprise attack. Let’s not be taken by surprise by EternalRocks.