EternalRocks Ransomware is more stronger than WannaCry

May 22, 2017 | 6:21 pm

Published by | Chandan Singh

NewYork: EternalRocks, a new strain of malware, has been determined by the researchers that target the same susceptibility that wrecked havoc worldwide by ‘WannaCry’ ransomware, a media report said.

EternalRocks exploits the same susceptibility in Windows that helped WannaCry spread to computer systems. The malware includes significantly more threats than WannaCry, rendering it potentially strong to fight.

Just like the original ransomware, known as WannaCry, EternalRocks uses an NSA tool known as EternalRocks uses an NSA tool known as EternalBlue to propagate itself from a single computer to the next through windows. But it also uses six other NSA tools, with names like EternalChampion, EternalRomance, and DoublePulsar (which is also part of WannaCry), Fortune reported.

In its current form, EternalRocks does not have any malicious elements–it does not lock or corrupt documents, or use compromised machines to develop a botnet. Nevertheless, that isn’t particularly encouraging, because EternalBlue leave attacked computers susceptible to remote orders that could ‘weaponize’ the infection at any time.

WannaCry has hit over 150 countries, including India and damaged over 240, 000 machines, mostly those running unpatched versions of Windows 7. It scrambles files on infected machines and demands payment for unlocking them.

EternalRocks is more robust that WannaCry because it does not have any weaknesses, including the kill switch that a researcher used to help contain the ransomware.

EternalBlue also uses a 24-hour activation delay to try to frustrate efforts to study it, the record noted.

The researcher who found EternalRocks will not declare that it has propagated very far yet, but it’s just one example of a wave of new malware based on the NSA-authored exploits. The consequences have been serious, and they could get more serious.

The last 10 days have seen a trend of cyber attacks that contain rendered companies helpless around the globe.
First, it was WannaCry that pass on by using good thing about windows vulnerability that Microsoft released securities patch for in March. It encrypted data files on infected machines and demanded payment for area code them.

WannaCry had some loopholes that made it much easier to slow and prevent.

Over 48, 000 efforts of ransomware attacks were detected in India. With 60 % of the attempt targeted enterprises, while 40 % were on specific customers, a cyber security firm, Quick Heal Technology had said.

Source: economictimes.indiatimes.com