Hackers Use The NSA Exploit, EternalBlue to Mine Crypto-Currency

Cyber Criminals Still Exploiting Year Old Vulnerability, EternalBlue

The well-known NSA exploit, EternalBlue, caused major issues for PC users around the world when hackers used it to spread the global ransomware attack, WannaCry.  Shortly after this ransomware attack, Microsoft released a patch for the exploit.  One would think, PC users and IT professionals would make it a top priority to keep their systems updated after this cyber attack.  Or at a minimum, they would patch the EternalBlue exploit.  However, that appears to not be the case.

WannaMine, a crypto-miner that too exploits EternalBlue, has been infecting computers around the world.  Upon executing, the malware installs and runs crypto-mining software, which silently uses the endpoint to mine for the digital currency, Monero.  Finding the malware can be difficult, as WannaMine uses Windows management tools to persist.  Therefore, finding the malicious coding among the legitimate Windows coding may prove to be tricky.

As mentioned earlier, Microsoft patched the EternalBlue exploit approximately one year ago.  Therefore, as long as your computer is up-to-date, you will not be a victim of WannaMine.

Keeping your operating system updated is critical to adequately avoid cyber attacks.  If you have yet to update your system, now seems to be the perfect time.

835 total views, 2 views today

(Visited 5,477 times, 1 visits today)

14 thoughts on “Hackers Use The NSA Exploit, EternalBlue to Mine Crypto-Currency

  1. I no longer have the PCMatic icon and I am constantly getting cookie to backiup fileswhich I have done with a thumb drive. Previous to renewing for another year with PCMatic, I received a daily message that I had been scanned.Is that is no longer available?

  2. There is no such thing as a system that cannot be hacked. The best defense is to make a hacking cost more than it gains.

    • @John Wiggins: That is not true a non networked pc cannot be hacked!!!! in edition even servers dont get “hacked” without back doors being placed that get created on the build so there makers dont have to make changes to these things in person!! if root is only given to the one with the keyboard jobs done! try hacking a server with only port 80 opened specifically no ssh in use and a firewall for the others you wont have so much luck!

      • @l: Then I guess you have never heard of a computer infected from a thumb drive. A non networked computer can be hacked by the simple expedient of some one typing one the keyboard even if it is protected by a password if it is known or a backdoor is available.

  3. This exploit was authored by the US National Security Agency as was dozens of others. For the US government to turn around now, and propose a ban on Kaspersky for allegedly spying on them, is hypocrisy of breathtaking proportions. It is sadly what the “Rest of the World” has now come to expect from the US. Google, Twitter, Facebook and even Microsoft have all got their fingers in the privacy spying industry. The US government and the IT industry are the greatest spy organisation on the planet.

    • @Brian: You do realize that national-level intelligence gathering is not some kindergarten playground “fairness” issue, right? Kaspersky had ties to the Russian intelligence services and the US Government did not want to give the Russians even more access to Government information. Yeah, fairness is a mythical ideal when it comes to national security.

      • @Gary:
        I didn’t mention anything about fairness. What really annoys me, and probably many others, is the fact that the US government is pointing the finger at a foreign government and saying, “Hey, they are spying on us” and failing to own up to doing the same thing to them.

      • @John Wiggins:
        That is not the point I am making. What I am saying, is that when this kind of hacking is reversed, and the US becomes the victim, to raise a song and dance about it is gross hypocrisy.

        • @Brian: The point I am making is that I have a reasonable expectation that US government agencies and corporations will put the interest of the US above that of other countries. If they are unwilling to do that, move to some place you like better.

          • @John Wiggins: You are on point and so correct… It has to be done if we are to continue being a free and strong country….I spent countless hours/days standing ‘Victor Alert’ to help maintain our security…and to counter their same action aimed at us…. We must continue to counter every threat to our interests, whatever that action may be. Why would one even consider this to be hypocrisy?
            @John Wiggins:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.