Cyber Attack Attempts Via EternalBlue Rises in Few Months

EternalBlue, a cyber attack that leverages Windows Server Message Block, is reported to have reached a historic high level within the past few months. The patches released by Microsoft to address the vulnerability didn't have any effect on the rise.

According to a blog post by ESET security evangelist, Ondrej Kubovic said his company’s telemetry data has revealed hundreds of thousands of blocked EternalBlue-based attacks taking place daily.

The last couple of years saw the rise in the frequency of EternalBlue detections and the total number of unique clients reporting instances of EternalBlue have markedly climbed.

A mysterious group of hackers who goes by the name Shadow Brokers publicly leaked an array of cyber weapons stolen from the “Equation Group,” which is widely associated with the U.S.

The reasons behind the spike in EternalBlue usage may not be entirely nefarious, however. In both the blog post and his interview, Kubovic noted that corporate security departments are increasingly using EternalBlue “as a means for vulnerability hunting within corporate networks.”