and more recently, the cryptojacking malware WannaMine
Sean Dillion, a security researcher at RiskSense, has modified the
source code of three other leaked NSA tools called
EnternalRomance, EternalChampion, and EnternalSynergy. In the
past, he also ported the EternalBlue exploit to work
on Windows 10.
released the source code on his GitHub
repo which includes a disclaimer stating
that “the software has been created purely for academic research
and for the development of effective defensive techniques.” He
won’t use it to attack systems.
modified exploits are meant to take advantage of the
vulnerabilities CVE-2017-0146 and CVE-2017-0143. An attacker can
compromise an affected Windows system and perform remote code
execution and remote control operations.
every version of Windows released since Windows 2000 is affected,
including the 32-bit and 64-bit variants of Windows Server,
Windows XP, Windows 7, Windows Vista, Windows 8, etc.
list also includes Microsoft’s latest active operating system
Windows 10 which is believed to be safe from the modified
exploits, provides it’s loaded with all the updates and security
fixes. However, the threat remains for older Windows 10
versions that aren’t secured with the patches
released in March last year.
would make it more problematic is the fact that Microsoft has even
dropped support for them, for instance, the Anniversary Update
(14393) which is among the affected versions.
exploit module could also bring trouble for corporates which are
hesitant when it comes to keeping their software up-to-date,
mostly due to compatibility issues.
know more about the modified NSA exploit module, you can visit Dillion’s
the most famous of the NSA tools leaked by the hacker group Shadow
Brokers was EnternalBlue which gave birth to dangerous malware