With WannaCry garnering a lot of attention over the last few days, it’s easy to forget that the root cause of the damage it wreaked is still out there. The vulnerability it exploited was a weakness in Windows’ file-sharing protocol. And while the threat of WannaCry has been largely contained, if the vulnerability, dubbed EternalBlue by the NSA, remains unpatched, it can be exploited by others. And that is already being seen in the wild.
There’s a report at The Verge that describes some other EternalBlue-based malware that has been identified. One variant, Adylkuzz, is unlikely to affect too many people as it tries to mine for a small-time crypto-currency. Interestingly, it was around before WannaCry, suggesting those bad guys weren’t thinking big enough.
But a nastier variant called UIWIX, found by Trend Micro, can infect machines without writing to storage, making it harder to detect. That suggests the rapid shutdown of WannaCry, and the subsequent actions of Microsoft in fixing the out-of-support Windows XP, have pushed malware developers to accelerate their programs in order to exploit the remaining pool of vulnerable computers.
Again, I reiterate my advice. Update your software regularly and don’t run out-of-support operating systems and applications.
Comments
2 responses to “WannaCry Is The Tip Of The Iceberg”
People who don’t keep their operating systems, or any other software for that matter, up to date can’t complain when they suffer the effects of a hack, virus or even ransomware.
It’s like complaining when your old TV can’t play a 4k movie.
Agreed. Part of the issue is that a lot of people still see security as something you add to a system and not something that is baked in. There is also a perception that software is like a simple machine where the number of potential points of failure is limited. Software is complex and made by humans.