Categories: NewsSecurity

EternalRocks SMB Worm Developer Bails on Project due to Massive Media Coverage

A few days ago, we highlighted a new potential threat in the form of the EternalRocks SMB worm. What makes this worm so special is how it uses seven different NSA exploits to attack users. However, it looks as if this threat has come to an abrupt end, as the author of the malware has thrown in the towel. This does not mean the worm is no longer a potential threat, though, as it is unclear if the source code is out in the open.

EternalRocks Worm Developer Overwhelmed By Media Attention

It is evident a lot of media outlets – including The Merkle – have paid special attention to the EternalRocks SMB worm. That was only to be expected, as this malicious tool combined seven different NSA exploits to wreak havoc all over the world. Given the recent threat by the WannaCry ransomware, any malicious tool leveraging NSA tools is making quite a lot of media headlines these days.

Interestingly enough, it appears these media headlines have caused the EternalRocks SMB worm developer to get cold feet. More specifically, it seems the entire SMB worm operation has been shut down altogether all of a sudden. That is particularly good news for both security experts and consumers all over the world. However, this sudden change of heart also raises a lot of questions as to whether or not someone else has been given access to the source code in the process.

It appears the developer of EternalRocks has officially shut down the worm’s command & control server on Wednesday. To be more specific, the developer alerted everyone using the server’s web panel of how the worm is not ransomware, nor is it a real danger. EternalRocks was merely designed as a “game”, yet the overwhelming media coverage, made it seem like something the developer had never intended it to be. The worm itself has the capability of being weaponized through additional nefarious payloads, albeit that never actually happened.

Related Post

What makes this whole ordeal even more interesting is how the MSB worm is still in circulation, albeit it only delivers a dummy executable. Once someone tries to run the executable in question, they will be greeted with an error message. Moreover, the current iteration of EternalRocks no longer downloads the shadowbrokers.zip exploit file, which means it can’t harm any computer. Moreover, even computers recently infected by this worm can no longer spread to other targets.

It is not the first time a developer of a nefarious tool suddenly shuts down the project without warning. Ransomware developers often tend to do so, mostly due to the growing media coverage or their tool becoming far less successful. Media coverage is not the ultimate goal for every internet criminal out there, that much is evident. Most criminals are in it for the publicity, yet the person responsible for the EternalRocks worm is not one of them.

The bigger question is whether or not someone got their hands on the EternalRocks source code. All of the

NSA exploits used by this worm have been released by the Shadow Brokers already in the past few months. It wouldn’t take much effort to build a similar tool and weaponize it with a malware or a ransomware payload in the process. Any tool exploiting SMB weaknesses found in the Windows operating system should not be dismissed easily, even if the developer gives up on the project.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

100% Bonus Offer from BlockDAG, INJ Dominates DeFi & ADA Price Stumbles

Whales Make a Splash After BlockDAG's 100% Bonus Offer Goes Live - INJ Ecosystem Boosts…

3 hours ago

Plus Wallet: Top Crypto Wallet for Massive Rewards

Plus Wallet—Where Effortless Crypto Management and Rewards Align Perfectly In the world of cryptocurrency management,…

4 hours ago

Aptos (APT) and Tron (TRX) Prices Slide, As Volume Soars For Rollblock Suggesting Parabolic Rally

As Aptos and Tron prices take a recent downturn, the spotlight shifts to Rollblock, whose…

11 hours ago

Altcoins to Watch in November: Binance Coin (BNB), Rollblock (RBLK), and Neiro (NEIRO)

As the crypto markets roll into their most bullish time of year, we present three…

11 hours ago

Analysts Forecast $1 for Cardano and Lunex Network As Dogwifhat Plunges To Former Lows

As the crypto market prepares for a major rally, experts believe that two top altcoins,…

11 hours ago

Retail Traders Panic Sell During ‘Fake Dip’; Whales Hold Tight to SOL, DTX, and SHIB for a Millionaire-Maker Bull Run

Solana (SOL): A Strong Ecosystem Despite Volatility Solana (SOL) has been all over the place…

12 hours ago