Another network worm dubbed EternalRocks is making the news this week as the successor to the WannaCry ransomware. It leverages some of the same vulnerabilities and exploit tools as WannaCry but is potentially more dangerous because it exploits five more NSA tools that were released as part of the ShadowBrokers dump for infection instead of two used by WannaCry.

“EternalRocks” has the potential to spread faster and infect more systems; although currently dormant it could be easily weaponized in an instant, making the need for preventive action urgent.

Why EternalRocks may be bigger than WannaCry

WannaCry used only two of the SMB exploit tools: ETERNALBLUE and DOUBLEPULSAR. EternalRocks leverages seven NSA SMB exploit tools to locate vulnerable systems:

  • ETERNALBLUE
  • DOUBLEPULSAR
  • ETERNALCHAMPION
  • ETERNALROMANCE
  • ETERNALSYNERGY
  • SMBTOUCH
  • ARCHITOUCH

EternalRocks does not have a kill-switch which helped curtail WannaCry and mitigate the ransomware damage.

The clock is ticking with EternalRocks; take advantage of a deep Vulnerability detection tools now before any damage is inflicted on your systems (SMB exploits) – contact 01603 673787