The First BlueKeep Mass Hacking Is Finally Here—but Don’t Panic

Threat actors are actively exploiting the critical BlueKeep flaw, which affects Remote Desktop Protocol (RDP) implementations on unpatched older Windows operating systems. Microsoft and other companies have warned that the flaw, tracked as CVE-2019-0708, is very dangerous because attackers could use it to launch a massive attack with a worm (self-replicating malicious code), just like the 2017 global WannaCry outbreak.

So far, the attacks exploiting BlueKeep have not been as dangerous as feared. Threat actors are using the flaw to install cryptojacking malware on vulnerable machines; the malware is designed to use the processing power of infected devices to mine cryptocurrency. Marcus Hutchins of Kryptos Logic said that while “BlueKeep has been out there for a while now [..] this is the first instance where I’ve seen it being used on a mass scale.” According to Jake Williams of Rendition Infosec, the current campaign “hasn’t hit critical mass yet.” Williams says that he has “seen a spike [of attacks], but not the level I’d expect from a worm.”

OODA Analyst
