Microsoft’s security team believes that more destructive BlueKeep attacks are on the horizon and urged users and companies alike to apply patches if they’ve been lagging.
The company’s warning comes after security researchers detected the first-ever malware campaign that weaponized the BlueKeep vulnerability.
The attacks, which were detected last weekend, used BlueKeep to break into unpatched Windows systems and install a cryptocurrency miner.
Many security researchers considered the attacks underwhelming and not living up to the hype that was built around BlueKeep for the past six months.
This was because Microsoft said BlueKeep could be used to build wormable (self-spreading) malware. However, the attacks that happened over the weekend did not deploy malware that could spread on its own.
Instead, attackers scanned the internet for vulnerable systems and attacked each unpatched system, one at a time, deploying a BlueKeep exploit, and then the cryptocurrency miner.
This was far from the self-spreading malware outbreak that Microsoft said BlueKeep could trigger. Furthermore, in many cases, the BlueKeep exploit failed to work, crashing systems.
But Microsoft said this is just the beginning, and that attackers will eventually refine their attacks, and that the worst is yet to come.
“While there have been no other verified attacks involving ransomware or other types of malware as of this writing, the BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners,” Microsoft said today. “We cannot discount enhancements that will likely result in more effective attacks.”
Latest posts by Ripples Nigeria (see all)
- Premium Times journalist, Abdulkareem Haruna, reportedly kidnapped - November 12, 2019
- SOWORE: DSS operatives disperse protesters with gunshots, pepper spray in Abuja - November 12, 2019
- Ahead of Bayelsa poll, court disqualifies APC’s deputy governorship candidate for providing false information to INEC - November 12, 2019