Windows 10 is still vulnerable to EternalBlue, the stolen NSA exploit

2 minute read
windows 10 eternalblue exploit

Security vendor ESET recently detailed the latest reports regarding Windows attacks. Researcher Ondrej Kubovič released a study about the EternalBlue exploit and its effects after one year. Long story short, the exploit became more popular even than during the WannaCry outbreak. There’s a worrying increase in the number of attacks that are based on the exploit.

And as ESET’s telemetry data shows, its popularity has been growing over the past few months, and a recent spike even surpassed the greatest peaks from 2017,” explains the researcher.

EternalBlue exploit is stronger than ever

The exploit was stolen from the NSA by the hacker group called Shadow Brokers back in April 2916 and it benefits from a vulnerability that was found in the Windows Server Message Block (SMB) protocol. Microsoft rolled out the patches even before the vulnerability became public.

Unfortunately, attackers are still looking for targets, and according to ESET’s researcher, cybercriminals are scanning the Internet for exposed SMB ports, and they’re trying to compromise hosts with an exploit that allows for payloads to be sent on the target machine.

One possible explanation for the latest peak is the Satan ransomware campaign seen around those dates, but it could be connected to other malicious activities as well. […] The exploit has also been identified as one of the spreading mechanisms for malicious cryptominers. More recently, it was deployed to distribute the Satan ransomware campaign, described only a few days after ESET’s telemetry detected the mid-April 2018 EternalBlue peak.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Microsoft has already made security fixes available

The patches to fix this vulnerability are already available, and this means that attackers can only hack systems that don’t have them installed. They were released by Microsoft back in March 2017, and updated computers should already be protected.

Also, ESET notes that “the infiltration method used by EternalBlue is not successful on devices protected by ESET. One of the multiple protection layers – ESET’s Network Attack Protection module – blocks this threat at the point of entry.”

The increasing number of attacks suggests that there are still a lot of systems that don’t have the patches installed which raises a lot of concern.

RELATED STORIES TO CHECK OUT:

Next up

What are the best Backgammon games for Windows 10, 8?

By: Arici Alexandra
4 minute read

Keep your Backgammon game passion going in Windows 10, Windows 8 thanks to these 6 best Backgammon apps. Backgammon is a classic game most of us […]

Continue Reading

What are the best Zuma apps for Windows 10, 8?

By: Arici Alexandra
3 minute read

Zuma is one of the most popular mini games that has ever been released. Everybody I know including grandparents, workmates and kids have been one […]

Continue Reading

Can’t get apps from the Microsoft Store in Windows 10 v1803? [FIX]

By: Costea Lestoc
2 minute read

On Microsoft’s forum, one user has an interesting question that seems to have bothered more people. Fortunately, there’s an independent advisor who comes up with […]

Continue Reading

Discussions