Remember National Security Agency’s (NSA) most potent and capable hacking tools were leaked on the internet a year ago? Well, hackers are still using these tools to hijack unpatched computers that are vulnerable to hacks. The worst part is, these unpatched systems are vulnerable to hacks that can be used to take over their devices entirely. This makes these attacks all the more dangerous.
According to the security research company Akamai, hackers are using the UPnProxy vulnerability to target hundreds of thousands of unpatched computers behind the router’s firewall. Researchers warn that these tools can be used to create a bigger malicious proxy network that can cause harm on a larger scale.
Earlier, attackers were using UPnProxy which affects Universal Plug and Play network protocol to remap the Several computers in UK National Health Service and in Russia that were targeted two years ago using these tools. These attacks affected dozens of countries including India, Ukraine, and Taiwan. According to Akamai, apart from 3.5 million devices that were vulnerable to attacks, numbers of vulnerable systems got limited to 277,000. However, more than 45,000 of these computers are already infected. These numbers can change depending on the amount of computers attackers continue to scan to compromise new devices. Shadow Brokers published the EternalBlue exploit in April was later patched by Microsoft. Whereas EternalRed exploit affected Linux devices.
Another crypto mining attack was caused by these stolen NSA hacking tools that were published online. Hackers started using these exploits to attack the vulnerable computers to run ransomware on businesses, hospitals, and thousands of computers. These attacks were spread like fire, WannaCry and NotPetya attacks were some of them. It didn’t stop there, the attack affected all the computers on the network. The recovery was slow, and cost reached millions in damages.
To handle the situation on Windows computers, Microsoft released patches to close the backdoor that allowed these attacks. But almost one million computers and networks are still vulnerable to these attacks. Although these WannaCry attacks are no more active, attackers are still using exploits from NSA to infect computers with cryptomining malwares like WannaMine.
It is no surprise that NSA’s hacking tools are causing havoc in the world. The agency is involved in developing several hacking tools to sneak on different devices all over the world.
The latest implementation is being called Eternal Silence by Akamai researchers. The company suggests to use routers without UPnP or make sure that the protocol is disabled on their router. For the long-term solution, consider investing in the new routers.
Areen Zahra
Fazeel Ashraf
