WannaCry Ransomware: Dangerous Strain Called 'EternalRocks' Found, Researchers Say

WannaCry Ransomware: Dangerous Strain Called 'EternalRocks' Found, Researchers Say
Highlights
  • New strain of malware "EternalRocks" is more dangerous than WannaCry
  • In its current form, "EternalRocks" does not have any malicious elements
  • It leaves infected computers vulnerable to remote commands
Advertisement

After a host of different ransomware attacks that hit enterprises across the globe, security researchers have now identified a new strain of malware "EternalRocks" that is more dangerous than WannaCry and is potentially tougher to fight.

According to the researchers, "EternalRocks" exploits the same vulnerability in Windows that helped WannaCry spread to computers. It also uses a NSA tool known as "EternalBlue" for proliferation, Fortune reported on Sunday.

"...it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry)," the report said.

In its current form, "EternalRocks" does not have any malicious elements-- it does not lock or corrupt files, or use compromised machines to build a botnet - but leaves infected computers vulnerable to remote commands that could 'weaponise' the infection at any time.

WannaCry Ransomware Cyber-Attacks Are Good Business for Security Firms

"EternalRocks" is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.

EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted.

The last 10 days have seen a wave of cyber-attacks that have rendered companies helpless around the globe.

First it was WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them.

WannaCry had some loopholes that made it easier to slow and circumvent.

After facing a massive "WannaCrypt" ransomware attack, another type of malware quietly started generating digital cash from machines it infected.

Tens of thousands of computers were affected globally by the "Adylkuzz attack" that targeted machines, let them operate and only slowed them down to generate digital cash or "Monero" cryptocurrency in the background.

"Monero" - being popularised by North Korea-linked hackers - is an open-source cryptocurrency created in April 2014 that focuses on privacy, decentralisation and scalability.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Facebook Rolls Out New 'Order Food' Feature for Mobile and Web
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »