MobileNews

The first in-the-wild BlueKeep attack isn’t as dangerous as feared

When word broke of the BlueKeep vulnerability in Windows, many feared a repeat of NotPetya and other widespread worms that have wreaked havoc. They might not have to worry quite so much, though. Kryptos Logic has discovered the first known in-the-wild BlueKeep exploit, and it isn’t as vicious as feared. The initial attack from a “low-level actor” appears to have scanned the internet and infected vulnerable systems with a cryptocurrency miner, but little else. There are no data wipes, no automatic spreading or other signs of a worm in action.

There’s been a “spike” in traffic related to the flaw, Rendition Infosec’s Jake Williams told Wired, but it hasn’t hit “critical mass.”

This doesn’t rule out the possibility of a more serious BlueKeep attack. There were still 735,000 computers open to BlueKeep as of August, according to Errata Security. However, the window of opportunity for a large-scale attack is closing. The longer it takes for someone to develop a large-scale attack, the more people patch their PCs against it. This may be one of those precious instances where a potentially serious vulnerability fizzles out due to both slow-to-move hackers and, importantly, an effective campaign to patch people’s computers.


Author: Jon Fingas
Source: Engadget

Related posts
AI & RoboticsNews

H2O.ai improves AI agent accuracy with predictive models

AI & RoboticsNews

Microsoft’s AI agents: 4 insights that could reshape the enterprise landscape

AI & RoboticsNews

Nvidia accelerates Google quantum AI design with quantum physics simulation

DefenseNews

Marine Corps F-35C notches first overseas combat strike

Sign up for our Newsletter and
stay informed!