Following the news this that Fancy Bear – the hacking group allegedly responsible for the Democratic National Committee (DNC) hack last year – is using the leaked NSA ‘EternalBlue exploit’ that was used for the WannaCry and NotPetya attacks to target the hospitality industry across Europe and the Middle East. Chris Wysopal, Co-Founder and CTO at Veracode commented below.
Chris Wysopal, Co-Founder and CTO at Veracode:
“After the havoc that arose from the WannaCry and NotPetya attacks, it’s not surprising that notorious cyber gangs are finding new ways to use the NSA’s EternalBlue exploit to support their criminal activities. The EternalBlue exploit has been shown to be extremely effective at spreading malware infections to other unpatched Microsoft systems.
Microsoft has indicated that a number of different versions of Windows are vulnerable to the EternalBlue exploit, even those currently receiving support. It is imperative that IT teams from all businesses across all industries ensure that the version of Windows that they are using is not vulnerable to EternalBlue and, if so, take the necessary steps to remediate it. With three attacks using this exploit having occurred over just the past few months, we’re likely to see cybercriminals continuing to deploy it until devices are patched and it is no longer an effective vector for them to spread malware.”