Categories: NewsSecurity

EternalRocks SMB Worm Developer Bails on Project due to Massive Media Coverage

A few days ago, we highlighted a new potential threat in the form of the EternalRocks SMB worm. What makes this worm so special is how it uses seven different NSA exploits to attack users. However, it looks as if this threat has come to an abrupt end, as the author of the malware has thrown in the towel. This does not mean the worm is no longer a potential threat, though, as it is unclear if the source code is out in the open.

EternalRocks Worm Developer Overwhelmed By Media Attention

It is evident a lot of media outlets – including The Merkle – have paid special attention to the EternalRocks SMB worm. That was only to be expected, as this malicious tool combined seven different NSA exploits to wreak havoc all over the world. Given the recent threat by the WannaCry ransomware, any malicious tool leveraging NSA tools is making quite a lot of media headlines these days.

Interestingly enough, it appears these media headlines have caused the EternalRocks SMB worm developer to get cold feet. More specifically, it seems the entire SMB worm operation has been shut down altogether all of a sudden. That is particularly good news for both security experts and consumers all over the world. However, this sudden change of heart also raises a lot of questions as to whether or not someone else has been given access to the source code in the process.

It appears the developer of EternalRocks has officially shut down the worm’s command & control server on Wednesday. To be more specific, the developer alerted everyone using the server’s web panel of how the worm is not ransomware, nor is it a real danger. EternalRocks was merely designed as a “game”, yet the overwhelming media coverage, made it seem like something the developer had never intended it to be. The worm itself has the capability of being weaponized through additional nefarious payloads, albeit that never actually happened.

Related Post

What makes this whole ordeal even more interesting is how the MSB worm is still in circulation, albeit it only delivers a dummy executable. Once someone tries to run the executable in question, they will be greeted with an error message. Moreover, the current iteration of EternalRocks no longer downloads the shadowbrokers.zip exploit file, which means it can’t harm any computer. Moreover, even computers recently infected by this worm can no longer spread to other targets.

It is not the first time a developer of a nefarious tool suddenly shuts down the project without warning. Ransomware developers often tend to do so, mostly due to the growing media coverage or their tool becoming far less successful. Media coverage is not the ultimate goal for every internet criminal out there, that much is evident. Most criminals are in it for the publicity, yet the person responsible for the EternalRocks worm is not one of them.

The bigger question is whether or not someone got their hands on the EternalRocks source code. All of the

NSA exploits used by this worm have been released by the Shadow Brokers already in the past few months. It wouldn’t take much effort to build a similar tool and weaponize it with a malware or a ransomware payload in the process. Any tool exploiting SMB weaknesses found in the Windows operating system should not be dismissed easily, even if the developer gives up on the project.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

NYC Entrepreneur Wins Big with BTC: BlockDAG Could Be Next

Mia Sanders, NYC Entrepreneur, Made Millions by Investing in BTC: Could BlockDAG Be Next for…

16 hours ago

Miami Artist Earns $5.2M with Solana: BlockDAG’s Future Prospects?

A Miami Artist's $5.2M Solana Success: Does BlockDAG Hold Equal Promises for 30,000x ROI? Success…

22 hours ago

Chainlink And Aptos Investors Migrate To The Presale Of New Crypto Instant Funding Prop Firm FXGuys ($FXG)

Recent market trends show that the new DeFi coin, FXGuys ($FXG), has been the go-to…

23 hours ago

Polkadot Price Prediction; Can XLM’s Rally Hold Strong as New Crypto Brings Passive Income? 

Curious about where the Polkadot price is headed? Or maybe you’re wondering if XLM’s rally…

23 hours ago

Best Crypto Presale to Watch: Could This Be the Next 9000% Breakout Star?

Any investor can achieve outstanding profit by selecting the best crypto presale in the growing…

23 hours ago

Influential Support for BlockDAG; Updates on Solana & XRP

Crypto Influencers Eye BlockDAG’s Bullish $142.5M Presale & BULLRUN100 Offer; Latest on XRP & Solana…

23 hours ago