

WannaCryptor wasn't the first to use EternalBlue: Attackers exploited vulnerabilities just days after Shadow Brokers leak
Friday, May 19, 2017

TORONTO, May 19, 2017 /CNW/ - New research from ESET® reveals key insights into WannaCryptor (a.k.a. WannaCry), a new type of ransomware that has become one of the largest cybersecurity stories in years. ESET has uncovered that other large-scale infections were misusing the EternalBlue and DoublePulsar exploits well before the WannaCryptor ransomware was spread.

The same mechanism used by WannaCryptor had been misused by hackers as early as April 28th, when they opted for off-the-shelf cryptocurrency mining software instead of the encrypting payload. In this way, they joined the infected machines into a giant network mining the Monero cryptocurrency, in some cases overloading the machines and causing them to freeze or suffer a significant decrease in performance.

"It was expected to see multiple malware authors integrate EternalBlue into their malware: the effectiveness of this exploit on unpatched machines is indisputable. Until the number of unpatched machines goes down to an insignificant amount, there will be a strong incentive for bad actors to keep on exploiting the vulnerability to spread their malware," said Alexis Dorais-Joncas, security intelligence lead at the Montreal-based ESET global malware lab.

The WannaCryptor attack has resulted in a reverberating effect with many more hackers increasing their efforts in the wake of this global breakout. ESET has since seen a significant increase in the number of malicious emails sent out by the notorious Nemucod operators, spreading Filecoder.FV ransomware.

While Canadian companies managed to largely avoid the attack, major corporations around the globe fell victim to the WannaCryptor ransomware, including FedEx Corp, Telefonica SA and Portugal Telecom. ESET has been able to protect its clients from more than 66,000 attack attempts thanks to its network protection module, which has been blocking attempts to exploit the leaked vulnerability at the network level since April 25th, well before this particular malware was even created. While network detection was in place first, it was only one of many technologies that worked to protect users. Advanced Memory Scanner and file detection also came into play.

Other tips from ESET to prevent this massive global cybersecurity threat include:

    1. Update and patch your operating system. The EternalBlue exploit uses
       a vulnerability in Windows that has already been patched by
       Microsoft.
    2. Use a reliable security solution that has multiple layers to shield
       from similar threats in the future.
    3. Keep backups on a remote hard disk or location that will not be targeted
       in case of a network infection.
    4. Do not pay the ransom. There have been multiple stories where no
       decryptor or key was sent after the payment was made. There is also no
       way for the attackers to match the payment to a specific victim who sent
       it to one of the shared Bitcoin wallets.

If you would like to learn more about this global cybersecurity threat and ESET's in-depth analysis of the situation, please visit www.WeLiveSecurity.com, where updates on the matter and cybersecurity insights are posted and updated daily.

About ESET

For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET's high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET was the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single "in-the-wild" malware without interruption since 2003. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.

SOURCE ESET Canada


