Meet "EternalRocks"

HutchinsonJC

Senior member
Apr 15, 2007
467
207
126
I got to pondering about the Welchia virus. How terrible would it be for someone to use this new SMB flaw based worm to create something that just downloads the patch against the SMB flaw...
 

Elixer

Lifer
May 7, 2002
10,371
762
126
This still can be stopped dead in its tracks if people would patch up & block SMB ports from unknown machines.
Might as well block onion addresses (& torproject.org) as well, since that is how it gets the payload.

For what it is worth, here is a write up about "eternalrocks" https://github.com/stamparm/EternalRocks
 

XSoldier77X

Member
May 23, 2017
113
9
81
that's right i guess, it usually does get distributed via tor. last time i checked there weren't any cures for the
This still can be stopped dead in its tracks if people would patch up & block SMB ports from unknown machines.
Might as well block onion addresses (& torproject.org) as well, since that is how it gets the payload.

For what it is worth, here is a write up about "eternalrocks"

Looked it up and the part about nsa was, ouch! thanks for the share.