Researchers Port NSA EternalBlue Exploit to Windows 10

Discussion in '0-day Release' started by RGiskardR, Jun 8, 2017.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member


    Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB self-spreading worm in the mid-May WannaCry outbreak that affected over millions of computers across the world.

    The exploit was dumped online in mid-April by a group known as The Shadow Brokers, who claimed they stole it from the Equation Group, a codename given to the NSA.

    Researchers who analyzed the exploit said ETERNALBLUE only worked against older Windows versions such as Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008. Nonetheless, during the WannaCry ransomware attacks, because of the way the exploit was implemented, it mainly targeted Windows 7 machines, while on Windows XP, ETERNALBLUE caused a Blue Screen of Death.

    Full source:
    wwd, Trim and LowcyGier like this.
  2. Google Adsense

Share This Page