NSA exploit used to target Windows

Next story

EternalBlue is back in the form of EternalChampion, EternalRomance and EternalSynergy.

You might remember that EternalBlue, an exploit stolen from the NSA by a hacking group known as ‘Shadow Brokers’, made headlines last year by targeting older versions of Windows.

Researchers from RiskSense have discovered other such exploits, which can be used to target all versions of Windows, called EternalChampion, EternalRomance and EternalSynergy.

Mark James, ESET IT Security Specialist, discusses the danger of older exploits being repurposed to target new vulnerabilities.

“One of the problems with digital exploits is the ability to tailor them for current or future use.

“Although the original attack method may stop working, it may only take a small tweak in the code to turn it back into a formidable weapon for reuse.

“When it comes to protecting your environment one of the key pieces of advice is keeping your operating system and all your applications patched and up-to-date.

“The worry is that you wave the advice away because it constantly pops up but in some cases it really could mean the difference between getting compromised or not: most exploits rely on an unpatched system, once it’s patched that entry is gone.

“Keeping your system up-to-date these days is not that difficult, programmes both free and paid for will help you make it easier and in most cases will nudge or inform you about updates and when best to install them.”

Do you worry about old exploits coming back to haunt you? Let us know on Twitter @ESETUK.