After a host of different ransomware attacks that hit enterprises across the globe, security researchers have now identified a new strain of malware EternalRocks that is more dangerous than WannaCry and is potentially tougher to fight. According to the researchers, EternalRocks exploits the same vulnerability in Windows that helped WannaCry spread to computers. It also uses a NSA tool known as EternalBlue for proliferation, Fortune reported. Also Read - Almost 60 percent of internet users in India fell prey to hacking in the last 1 year: ReportAlso Read - Beware! SHAREit app can be used to hack your phone, delete it now
…it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry), the report said. In its current form, EternalRocks does not have any malicious elements — it does not lock or corrupt files, or use compromised machines to build a botnet — but leaves infected computers vulnerable to remote commands that could weaponise the infection at any time.
EternalRocks is stronger that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.
EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the report noted. The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe. First it was WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. It encrypted files on infected machines and demanded payment for unlocking them.
WannaCry had some loopholes that made it easier to slow and circumvent. After facing a massive WannaCrypt ransomware attack, another type of malware quietly started generating digital cash from machines it infected. Tens of thousands of computers were affected globally by the Adylkuzz attack that targeted machines, let them operate and only slowed them down to generate digital cash or Monero cryptocurrency in the background. ALSO READ: After WannaCry, new threat from Adylkuzz ransomware lingers
Monero — being popularised by North Korea-linked hackers — is an open-source cryptocurrency created in April 2014 that focuses on privacy, decentralisation and scalability.