If you think WannaCry is Huge, wait for EternalRocks!
While the world was responding to the WannaCry attack—which only utilized the EternalBlue exploit and the DoublePulsar backdoor—researchers discovered another piece of malware, EternalRocks, which actually exploits seven different Windows vulnerabilities
Miroslav Stamper, a security researcher at the Croatian Government CERT, first discovered EternalRocks. This new malware is far more dangerous than WannaCry. Unlike WannaCry, EternalRocks has no kill switch and is designed in such a way that it‘s nearly undetectable on afflicted systems.
Stamper found this worm after it hit his Server Message Block (SMB) honeypot. After doing some digging, Stampar discovered that EternalRocks disguises itself as WannaCry to fool researchers, but instead of locking files and asking for ransom, EternalRocks gains unauthorized control on the infected computer to launch future cyber attacks.
How dangerous is EternalRocks?
When EternalRocks hits a computer, it downloads a Tor browser and connects that computer to its command and control (C&C) server located in an unidentified location in the web. To avoid detection, EternalRocks stays dormant in the infected computer for 24 hours before activating and communicating with its C&C server.
Read the entire article here, If you think WannaCry is huge, wait for EternalRocks! « ManageEngine Blogs
via the fine folks at ManageEngine