Technology
BlueKeep mass attacking vulnerable machines
San Francisco, Nov 4
The "BlueKeep" remote code execution vulnerability, which could have an effect similar to the WannaCry bug from 2017, is currently attacking vulnerable machines that are apparently compromised for cryptocurrency mining purposes, according to media reports.
The BlueKeep vulnerability exists in unpatched versions of Windows Server 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2.
According to security researcher Kevin Beaumont, several honeypots in his EternalPot RDP honeypot network started to crash and reboot.
They've been active for almost half a year and this is the first time they came down. For some reason, the machines in Australia did not crash, the researcher said in a tweet, Bleeping Computer reported on Sunday.
Security researchers, including Beaumont who originally named the vulnerability and Marcus Hutchins, also known as "MalwareTech", who was responsible for hitting the kill switch that stopped the WannaCry bug, have confirmed that a widespread BlueKeep exploit attack is now currently underway.
Hutchins was quoted as saying by the Wired that "BlueKeep has been out there for a while now. But this is the first instance where I've seen it being used on a mass scale."
Interestingly, BlueeKeep has the ability to spread itself from one machine to another, while the attackers are searching for vulnerable unpatched Windows systems that have Remote Desktop Services (RDP) 3389 ports exposed to the Internet.
For now though, this looks like being an attack campaign with a cryptocurrency miner payload, according to Forbes.
The BlueKeep vulnerability exists in unpatched versions of Windows Server 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2.
According to security researcher Kevin Beaumont, several honeypots in his EternalPot RDP honeypot network started to crash and reboot.
They've been active for almost half a year and this is the first time they came down. For some reason, the machines in Australia did not crash, the researcher said in a tweet, Bleeping Computer reported on Sunday.
Security researchers, including Beaumont who originally named the vulnerability and Marcus Hutchins, also known as "MalwareTech", who was responsible for hitting the kill switch that stopped the WannaCry bug, have confirmed that a widespread BlueKeep exploit attack is now currently underway.
Hutchins was quoted as saying by the Wired that "BlueKeep has been out there for a while now. But this is the first instance where I've seen it being used on a mass scale."
Interestingly, BlueeKeep has the ability to spread itself from one machine to another, while the attackers are searching for vulnerable unpatched Windows systems that have Remote Desktop Services (RDP) 3389 ports exposed to the Internet.
For now though, this looks like being an attack campaign with a cryptocurrency miner payload, according to Forbes.
28 minutes ago
FIFA WC: 'Haaland is unstoppable in the box,' says Vieri ahead of Norway vs England quarterfinal
30 minutes ago
FIFA WC: When and where to watch Argentina vs Switzerland, know all details
3 hours ago
Boat carrying Indian tourists capsizes in Vietnam, several killed
5 hours ago
Courtroom drama was on Kajal Aggarwal’s radar for a long time
5 hours ago
Television actor Rohit Chandel arrested for allegedly stalking, harassing a minor
5 hours ago
Matt Damon wants to collaborate with Shekhar Kapur
5 hours ago
India ranks 1st in milk production, 2nd in mobile, 3rd in auto globally: PM Modi in New Zealand
5 hours ago
Onion prices jump in Chennai as Maharashtra supply drops, traders warn of further rise
5 hours ago
FSSAI slaps Swiggy Instamart with 9 notices following consumer complaints
5 hours ago
Sabarimala Tantri designate opts out, cites ill health
5 hours ago
Correct script, pronunciation: Centre issues fresh guidelines for National Song, National Anthem
5 hours ago
Six women die after C-sections in Bhilwara, two in Banswara; Gehlot seeks central probe
5 hours ago
Bengaluru man murders mother, grandmother, brother-in-law; dies by suicide
