Stories
Slash Boxes
Comments

SoylentNews is people

New SMB Worm 'EternalRocks' Uses Seven NSA Hacking Tools -- WannaCry Used Just Two

posted by cmn32480 on Sunday May 21 2017, @01:34PM   Printer-friendly
from the ahhh-crap dept.

Fnord666 writes:

Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two.

The worm's existence first came to light on Wednesday, after it infected the SMB honeypot of Miroslav Stampar, member of the Croatian Government CERT, and creator of the sqlmap tool used for detecting and exploiting SQL injection flaws.

The worm, which Stampar named EternalRocks based on worm executable properties found in one sample, works by using six SMB-centric NSA tools to infect a computer with SMB ports exposed online. These are ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE, and ETERNALSYNERGY, which are SMB exploits used to compromise vulnerable computers, while SMBTOUCH and ARCHITOUCH are two NSA tools used for SMB reconnaissance operations.

Once the worm has obtained this initial foothold, it then uses another NSA tool, DOUBLEPULSAR, to propagate to new vulnerable machines.

Source: BleepingComputer

Original Submission

 
This discussion has been archived. No new comments can be posted.
New SMB Worm 'EternalRocks' Uses Seven NSA Hacking Tools -- WannaCry Used Just Two | Log In/Create an Account | Top | 35 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by fadrian on Sunday May 21 2017, @04:47PM (3 children)

    by fadrian (3194) on Sunday May 21 2017, @04:47PM (#513061) Homepage

    Ha ha ha. You don't have the wherewithal to "make" your computer secure. It's insecure from the ground up. We could have done better. We didn't. Now you live with your insecure system because no matter how much you patch, there are always going to be new holes. And even if you keep up today, there's always tomorrow.

    --
    That is all.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 0) by Anonymous Coward on Sunday May 21 2017, @06:11PM (2 children)

    by Anonymous Coward on Sunday May 21 2017, @06:11PM (#513086)

    Ha ha ha. You don't have the wherewithal to "make" your computer secure.

    That's a pretty arrogant thing to say to somebody you know absolutely nothing about.

    • (Score: 0) by Anonymous Coward on Monday May 22 2017, @04:18AM

      by Anonymous Coward on Monday May 22 2017, @04:18AM (#513311)

      Actually not really, we've had plenty of stories come through here about computers being compromised on the hardware level. Maybe you can be more secure than some, but never fully secure as long as you have a connection to the net.

    • (Score: 2) by fadrian on Tuesday May 23 2017, @01:06PM

      by fadrian (3194) on Tuesday May 23 2017, @01:06PM (#514193) Homepage

      Get back to me when you've proven your BIOS to be error free. And you haven't even gotten to the OS level yet.

      --
      That is all.