EternalRocks is the new and powerful virus that has just been discovered by Croatian cybersecurity expert Miroslav Stampar, who claims to be more powerful than WannaCry, the ransomware that infected computers in more than 150 countries in mid-May. This new worm contains at least seven “exploits” that supposedly would come from the US National Security Agency (NSA).
Six of these NSA tools were used by the US agency to carry out cybersquatting actions and would have been leaked by hacking group ShadowBrokers.
According to Stampar, EternalRocks exploits the vulnerabilities in Windows regarding the SMB network protocol, using the exploits EternalBlue, EternalChampion, EternalRomance, EternalSynergy, SMBTouch, ArchiTouch and DoublePulsar.
Proof of the enormous power of this new virus is that with just two of these tools, EternalBlue and DoublePulsar, WannaCry was able to sow chaos in several major international companies. In fact, the discoverer of this new worm is declared “scared” after having verified that someone has been able to package “successfully” and “professional” all the exploits that attack the SMB protocol.
A Hidden Virus
Miroslav Stampar explained that EternalRocks is currently in a phase of “propagation”, waiting for “more command and control updates”, which means that at any time can be activated. The “malware” starts to download the exploits 24 hours later, after which it initiates a signal to the other affected servers.
At the moment, this new virus remains hidden in computers. Unlike “WannaCry” it does not activate any “ransomware” that warns the owner of the attacked team that it has a virus. Moreover “I think this is just the beginning,” Stampar said.