Windows 10 is still vulnerable to EternalBlue, the stolen NSA exploit

By: Costea Lestoc
2 minute read
windows 10 eternalblue exploit

Security vendor ESET recently detailed the latest reports regarding Windows attacks. Researcher Ondrej Kubovič released a study about the EternalBlue exploit and its effects after one year. Long story short, the exploit became more popular even than during the WannaCry outbreak. There’s a worrying increase in the number of attacks that are based on the exploit.

And as ESET’s telemetry data shows, its popularity has been growing over the past few months, and a recent spike even surpassed the greatest peaks from 2017,” explains the researcher.

EternalBlue exploit is stronger than ever

The exploit was stolen from the NSA by the hacker group called Shadow Brokers back in April 2916 and it benefits from a vulnerability that was found in the Windows Server Message Block (SMB) protocol. Microsoft rolled out the patches even before the vulnerability became public.

Unfortunately, attackers are still looking for targets, and according to ESET’s researcher, cybercriminals are scanning the Internet for exposed SMB ports, and they’re trying to compromise hosts with an exploit that allows for payloads to be sent on the target machine.

One possible explanation for the latest peak is the Satan ransomware campaign seen around those dates, but it could be connected to other malicious activities as well. […] The exploit has also been identified as one of the spreading mechanisms for malicious cryptominers. More recently, it was deployed to distribute the Satan ransomware campaign, described only a few days after ESET’s telemetry detected the mid-April 2018 EternalBlue peak.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Microsoft has already made security fixes available

The patches to fix this vulnerability are already available, and this means that attackers can only hack systems that don’t have them installed. They were released by Microsoft back in March 2017, and updated computers should already be protected.

Also, ESET notes that “the infiltration method used by EternalBlue is not successful on devices protected by ESET. One of the multiple protection layers – ESET’s Network Attack Protection module – blocks this threat at the point of entry.”

The increasing number of attacks suggests that there are still a lot of systems that don’t have the patches installed which raises a lot of concern.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions