New SMB worm uses 7 tools and exploits of NSA

A Croatian security investigator has discovered a new network worm that uses 7tools and exploits from the US intelligence service NSA. The worm is calledEternalRocks, but its original name isMicroBotMassiveNet“.

EternalRocks spreads through the SMB leak in Windows that is also attacked bythe WannaCry runtime software.

For this, EternalRocks use the EternalBlue operation of the NSA, like WannaCry.

The worm also uses three other SMB exploits called EternalChampion, EternalRomance and EternalSynergy.

Updates to these exploits appeared in March.

Share this information