Move Over WannaCry , New Threats on the Way
등록일 2019년 01월 07일 일요일
수정일 2017년 05월 21일 일요일

Cyber-security woes are getting worse internationally as a new threat appears on the horizon.

The new malware, apparently crafted by a single individual, uses seven of the U.S.National Security Agency's leaked hacking tools.

The NSA's EternalBlue exploit is one of many tools which the elite hacker group Shadow Brokers is said to have stolen.It was leaked to the public on April 14.

Hackers have been capitalizing on Shadow Brokers' work already, most notably in the form of WannaCry—the unprecedentedly widespread ransomware attack responsible for subverting a sizable portion of the U.K.'s National Health Services network as well as many systems for multinational shipping corporation FedEx.

According to security researcher Malwarebytes, WannaCry wasn't spread via spam email but, rather, via a scanning operation that sought vulnerable SMB ports facing the public.It then used EternalBlue to board the network and deploy DoublePulsar, which would install the ransomware.

Other hackers have been using sophisticated techniques to repackage the EternalBlue exploit since its release.Secdo, a cyber-security firm, reported that a minimum of three different entities were "leveraging the NSA EternalBlue exploit to infect, install backdoors and copy user credentials in networks around the world" three weeks before WannaCry's launch.

So far, no traces have been detected for the upcoming attack, which is purported to spawn threads within legitimate applications to impersonate those apps, allowing it to avoid even cutting-edge antivirus solutions.

Michael Fox기자  
릴레이 인터뷰
더보기