EternalRocks: This new computer malware might be worse than ‘WannaCry’https://indianexpress.com/article/technology/tech-news-technology/eternalrocks-this-new-computer-malware-might-be-worse-than-wannacry-4668056/

EternalRocks: This new computer malware might be worse than ‘WannaCry’

Security experts identify a new strain of malware EternalRocks, that is more dangerous than WannaCry and potentially tougher to fight.

EternalRock, EternalRock malware, Malware, Ransomware, WannaCry, WannaCry Eternal Blue, Eternal Blue exploit, NSA, NSA hacking tools, Adylkuzz attack, technology, computer security
It uses a NSA tool known as “EternalBlue” for proliferation and also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar. (Image for representation, Source: Reuters)

After a host of different ransomware attacks that hit enterprises across the globe, security researchers have now identified a new strain of malware “EternalRocks” that is more dangerous than WannaCry and is potentially tougher to fight.

According to the researchers, “EternalRocks” exploits the same vulnerability in Windows that helped WannaCry spread to computers. It also uses a NSA tool known as “EternalBlue” for proliferation, Fortune reported on Sunday. “…it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry),” the report said.

Also Read: French researchers find way to unlock WannaCry without ransom

In its current form, “EternalRocks” does not have any malicious elements — it does not lock or corrupt files, or use compromised machines to build a botnet — but leaves infected computers vulnerable to remote commands that could ‘weaponise’ the infection at any time. “EternalRocks” is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.

Advertising

EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted.The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe.

First it was WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them. WannaCry had some loopholes that made it easier to slow and circumvent.

Also Read: After WannaCrypt, world faces massive cryptocurrency attack

After facing a massive “WannaCrypt” ransomware attack, another type of malware quietly started generating digital cash from machines it infected. Tens of thousands of computers were affected globally by the “Adylkuzz attack” that targeted machines, let them operate and only slowed them down to generate digital cash or “Monero” cryptocurrency in the background.

“Monero” — being popularised by North Korea-linked hackers — is an open-source cryptocurrency created in April 2014 that focuses on privacy, decentralisation and scalability.