Cyber Criminals Still Exploiting Year Old Vulnerability, EternalBlue
The well-known NSA exploit, EternalBlue, caused major issues for PC users around the world when hackers used it to spread the global ransomware attack, WannaCry. Shortly after this ransomware attack, Microsoft released a patch for the exploit. One would think, PC users and IT professionals would make it a top priority to keep their systems updated after this cyber attack. Or at a minimum, they would patch the EternalBlue exploit. However, that appears to not be the case.
WannaMine, a crypto-miner that too exploits EternalBlue, has been infecting computers around the world. Upon executing, the malware installs and runs crypto-mining software, which silently uses the endpoint to mine for the digital currency, Monero. Finding the malware can be difficult, as WannaMine uses Windows management tools to persist. Therefore, finding the malicious coding among the legitimate Windows coding may prove to be tricky.
As mentioned earlier, Microsoft patched the EternalBlue exploit approximately one year ago. Therefore, as long as your computer is up-to-date, you will not be a victim of WannaMine.
Keeping your operating system updated is critical to adequately avoid cyber attacks. If you have yet to update your system, now seems to be the perfect time.