The New Malware that’s Even Scarier than WannaCry
Just weeks after the WannaCry ransomware attacked millions of computers worldwide, another similar malware has appeared. Named EternalRocks, this new strain of malware targets the same Windows vulnerability as Wannacry. But it’s much tougher to take down.
EternalRocks, Like WannaCry, uses an exploit called EternalBlue, first developed by the NSA, to spread from computer to computer. Unlike WannaCry, it also uses other NSA tools like EternalChampion, EternalRomance, and DoublePulsar to infiltrate networks. And the scary thing is that it doesn’t appear to have any weaknesses. It has no kill switch, and uses a 24-hour activation delay, thwarting attempts to study and stop it.
EternalRocks, in its current form, doesn’t have any malicious elements. It doesn’t lock or corrupt files, or use infected machines to build a botnet. But it leaves infected computers extremely vulnerable. Hackers could use remote commands to weaponize EternalRocks at any time.
Is EternalRocks More Dangerous than Recent Malware Attacks?
The WannaCry attack which happened in May, has infected over 240,000 computers in 150 countries. It blocked the networks of major organizations like Britain’s National Health Service (NHS), FedEx in the United States, and Spanish telecommunications giant Telefonica. Immediately following the WannaCry outbreak, there was another ransomware attack called “Adylkuzz.” Adylkuzz was an atypical ransomware in that it would only slow down and not completely stop a computer. As it did so, it would generate a cryptocurrency called “Monero” in the background. EternalRocks is more powerful and dangerous than either WannaCry or Adylkuzz, and will prove very difficult to contain.
Julia Sowells249 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.