Stories
Slash Boxes
Comments

SoylentNews is people

Bad Rabbit Used NSA “EternalRomance” Exploit to Spread, Researchers Say

posted by Fnord666 on Wednesday November 01 2017, @09:19PM   Printer-friendly
from the the-gift-that-keeps-on-giving dept.

MrPlow writes:

Submitted via IRC for SoyCow1

Despite early reports that there was no use of National Security Agency-developed exploits in this week's crypto-ransomware outbreak, research released by Cisco Talos suggests that the ransomware worm known as "Bad Rabbit" did in fact use a stolen Equation Group exploit revealed by Shadowbrokers to spread across victims' networks. The attackers used EternalRomance, an exploit that bypasses security over Server Message Block (SMB) file-sharing connections, enabling remote execution of instructions on Windows clients and servers. The code closely follows an open source Python implementation of a Windows exploit that used EternalRomance (and another Equation Group tool, EternalSynergy), leveraging the same methods revealed in the Shadowbrokers code release. NotPetya also leveraged this exploit.

Source: https://arstechnica.com/information-technology/2017/10/bad-rabbit-used-nsa-eternalromance-exploit-to-spread-researchers-say/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Bad Rabbit Used NSA “EternalRomance” Exploit to Spread, Researchers Say | Log In/Create an Account | Top | 8 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday November 02 2017, @01:50PM (2 children)

    by Anonymous Coward on Thursday November 02 2017, @01:50PM (#591010)

    soooo .. excuse me, WHAT is the secret to sending files over the network then?

    FTP is not encrypted, has "troubles" without extra firewall modules (babysitting).
    SMB is flawed because it was born and raised in m$ house.
    NFS works perfect, if you got an computer engineering degree from some uni that guarantees a house, car and wife.
    what the F...k. can normal people use to innocently send files from one computer to the other then?

    this is crazy. the most basic problem is ... made difficult, for what?
    it looks like a conspiracy :}

  • (Score: 2) by Freeman on Thursday November 02 2017, @04:23PM

    by Freeman (732) on Thursday November 02 2017, @04:23PM (#591122) Journal

    I use Dropbox. Though, good old fashioned Sneaker Net is very reliable and not likely to be intercepted between the two computers.

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"

  • (Score: 0) by Anonymous Coward on Thursday November 02 2017, @07:34PM

    by Anonymous Coward on Thursday November 02 2017, @07:34PM (#591276)

    What? NFS is pretty damn easy to set up, the only drawback is it only works with nixes. I've got no degree, no car, no house, no wife, a couple F's, and I can figure it out...