‘Petya’ ransomware attack stems from NSA exploit – Snowden, security experts

Latest news

    View the original article: https://www.rt.com/viral/394318-petya-ransomware-nsa-exploit-snowden/?utm_source=rss&utm_medium=rss&utm_campaign=RSS

    The Petya ransomware that spread across the globe Tuesday was made possible thanks to EternalBlue – a hacking tool used by the NSA to exploit a Windows vulnerability it left open for five years, Edward Snowden and security experts have said.

    According to cybersecurity company Kaspersky Lab, the latest ransomware attacks are a variation on the original Petya, which has been around since last year. “This appears to be a complex attack which involves several attack vectors,” Kaspersky Lab said Tuesday. “We can confirm that a modified EternalBlue exploit is used for propagation at least within the corporate network.”

    “How many times does @NSAGov’s development of digital weapons have to result in harm to civil infrastructure before there is accountability?” Snowden tweeted. “Listen, people can disagree on surveillance. But when NSAGov’s focus on offense over defense shuts down US hospitals, it’s time to act.”

    The NSA’s hacking team, Equation Group (or Tailored Access Operations), lost control of its trove of hacking exploits and, last August, a group calling themselves the Shadow Brokers announced it had access to those tools.

    READ MORE: Shadow Brokers hackers release NSA hacking tools to punish Trump for ‘abandoning’ his base

    In April, the group released some of the tools, which were verified by Snowden and The Intercept. The release included an exploit called EternalBlue, which uses a Microsoft Windows Server Message Block (SMB) vulnerability to access computer systems.

    READ MORE: Shadow Brokers launches monthly subscription service offering nuclear, banking secrets

    The NSA had discovered a vulnerability in Microsoft Windows software and chose to keep it open for years, instead of telling Microsoft, so it could use it to its advantage.

    The Equation Group then created or purchased EternalBlue malicious code. An NSA source told the WP that using EternalBlue was “like fishing with dynamite.”

    Microsoft only released a patch for the vulnerability in March, even though in 2014, the Obama administration guaranteed it would disclose serious vulnerabilities and exploits to US manufacturers, as a result of Snowden’s own NSA leaks.

    According to the Shadow Brokers, it released a screenshot from the Equation Group’s lost disk of tools in January, with the understanding that the Equation Group would then tell Microsoft and the vulnerability would be patched.

    Eternal Blue was used in the WannaCry global ransomware attack in May. The malicious code was combined with a code that allowed it to spread quickly.

    READ MORE: Ransomware virus plagues 100k computers across 99 countries

    In the same category are

    Euro irreversible, says German finance minister after Merkel & Macron agree on Eurozone budget The euro is here to stay and serve as a guarantor of a stronger, more cohesive Europe, Germany’s finance minister said as he commended French Presiden...
    Perks of being in NATO: New HQ has big screen to watch World Cup It’s the world’s biggest military alliance, with 29 member countries, but the best perk of being a NATO member may be the big screen at the alliance’s...
    Light attack plane crashes in New Mexico A US Air Force light attack plane crashed Friday over a bombing range in New Mexico. One pilot was injured, while the condition of the second one was ...
    Germans split on whether Merkel should remain chancellor, poll shows amid coalition feud A new poll shows that some 43 percent of Germans believe that Chancellor Angela Merkel should step down. It comes amid fears that her rift with Bavari...
    Washington “indefinitely” delays 2 more military exercises with Seoul The US continues to wind down the scope of its military activity on North Korea’s doorstep, with the Pentagon announcing on Friday it was “indefinitel...
    Dozens of Palestinians injured by Israeli forces during protest at Gaza border (PHOTOS) Dozens of Palestinian protesters have been injured by Israeli forces gathered at the Gaza border for the Great Return March, according to the Ministry...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.