The popularity of EternalBlue exploit keeps growing

by Gabriel E. Hall - -

EternalBlue exploit is more popular than it was a year ago

 EternalBlue exploit popularity is growing

Last year we saw one of the largest cyber attacks in the history of the Internet. Known as WannaCry (or WannaCryptor),[1] ransomware hit around 150 countries with the help of EternalBlue exploit kit which allowed exploiting vulnerability in Windows OS and get remote access to the machine. Nevertheless, the file-encrypting virus is not very active at the moment; researchers report that usage of the EternalBlue is higher than it was last year.

The recent research reports[2] that popularity of the exploit kit has been increasing for a couple of months and reached its peak in the middle of April 2018. The situation can be explained quite easily. Many computer users and companies haven’t installed available security patches and cyber criminals are aware of the situation.

EternalBlue exploit was used not only in ransomware distribution, but for delivering cryptojacking malware[3] too. Additionally, Russian hackers were spotted using it for attacking Wi-Fi networks in several hotels in Europe.[4] There’s no doubt that some evil-minded people continue scanning the web using for vulnerable machines right now; while you are reading this article.

EternalBlue targets vulnerability in Windows SMB protocol

The hacker group called Shadow Brokers stolen EternalBlue from the United States Security Agency (NSA) in the middle of April 2017.[5] However, the NSA did not confirm that they created this or several other leaked exploit kits.

However, since exploit kit became available on the dark web, cyber criminals managed to use it a couple of times. Since last year, it was used for worldwide ransomware attacks, including WannaCry, Petya/NotPetya and BadRabbit.

EternalBlue targets a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol via port 445. Such cyber attack allows attackers to execute arbitrary code on the targeted computer remotely.

Simply speaking, when hackers get access to the computer, they can remotely access any device or network connected to the targeted machine. Hence, they might install malware, hack printers or continue spreading via networks. Undoubtedly, this attack is especially dangerous and damaging for companies and organizations. Within a couple of hours, the whole work of the business might be stopped, and important data might be lost due to the cyber attack.

Protecting Windows computer from the attack

Microsoft released a security bulletin MS17-010 on 14 May 2017 to help users to protect their computer from possible cyber attacks. The company provided security updates for all vulnerable versions of Windows, including Windows XP which is not supported since April 2014.

However, not everyone rushed with installing important updates. Countless home computer users and companies are still using unprotected versions of Windows. Security specialists encourages to download them as soon as possible – they are available for free.

Additionally, to keep the computer full protected is also recommended to update all programs and uninstall outdated software that is not being used. Installation of security program is also recommended to keep the machine virus-free.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.


Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate computer expert

Gabriel E. Hall is an expert troubleshooter who has been working in the information technology industry for years.

Contact Gabriel E. Hall
About the company Esolutions


Your opinion regarding The popularity of EternalBlue exploit keeps growing