Windows 10 users at risk of cyberattacks as exploit code shared

Homeland Security warns Microsoft Windows 10 users of potential cyberattacks after exploit code for a ‘wormable’ bug was published online

  • The malware enters a system undetected and spreads to millions of computers
  • The bug targeting Windows 10 is similar to WannaCry that occurred in 2017 
  • Users should add a firewall to block  SMB ports and download the new update

Homeland Security is warning Windows 10 users of potential cyberattacks after exploit code for a ‘wormable’ bug was published online last week.

The agency announced the code allows malicious cyber actors to target systems that did not download Microsoft’s March update, which patched a flaw that allowed hackers to remotely run malicious code on vulnerable computers. 

The ‘wormable’ bug is capable entering a system undetected, spread to millions of computers and cause billions of dollars in damage.

Users are urged to activate a firewall to block SMB ports, the component that lets Windows communicate with other devices, ‘from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible.’

Scroll down for videos 

Homeland Security is warning Windows 10 users of potential cyberattacks after exploit code for a ‘wormable’ bug was published online last week 

The warning was shared by the Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which shared in a statement that they are ‘ware of publicly available and functional proof-of-concept (PoC) code that exploits CVE-2020-0796 in unpatched systems.’

‘Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new PoC, according to recent open-source reports.’

‘CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible.’

A researcher shared the code on Github which said: ‘It was written quickly and needs some work to be more reliable.’ Using this for any purpose other than self education is an extremely bad idea,’ according to TechXplore.

The agency announced the code allows malicious cyber actors to target systems that did not download Microsoft's March update, which patched a flaw that allowed hackers to remotely run malicious code on vulnerable computers

The agency announced the code allows malicious cyber actors to target systems that did not download Microsoft’s March update, which patched a flaw that allowed hackers to remotely run malicious code on vulnerable computers

Users are urged to activate a firewall to block SMB ports, the component that lets Windows communicate with other devices, 'from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible'

Users are urged to activate a firewall to block SMB ports, the component that lets Windows communicate with other devices, ‘from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible’

‘Your computer will burst in flames. Puppies will die.’

Even though Microsoft published a patch months ago, tens of thousands of internet-facing computers are still vulnerable.

The ‘wormable’ bug is similar to the infamous WannaCry that wreaked havoc across the globe in 2017.

Cybercriminals stole the hacking tools from the NSA, launching massive ransomware campaigns.

This major extortion scheme hit 150 countries including the US, Britain, Russia, China, Germany and France, and affected 200,000 different companies.

Russia Prime Minister Vladamir Putin spoke out against the intelligence services for the ‘ransomware’ attack in 2017.

He said the NSA should beware of creating software that can later be used for malicious means.

‘As regards the source of these threats, I believe that the leadership of Microsoft have announced this plainly, that the initial source of the virus is the intelligence services of the United States,’ Putin said.

‘Once they’re let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators,’ he told reporters in Beijing.

WHAT WAS THE WANNACRY ATTACK?

In May 2017, a massive ransomware virus attack spread to the computer systems of hundreds of private companies and public organisations across the globe.

The software locked computers and asked for a digital ransom before control is safely returned.

In just a few hours, the malware had already infected victims in at least 74 countries, including Russia, Turkey, Germany, Vietnam, and the Philippines – and was estimated to be spreading at a rate of five million emails per hour.

Hospitals and doctors’ surgeries in England were forced to turn away patients and cancel appointments after the attack crippled the NHS. 

The WannaCry virus targeted Microsoft’s widely used Windows operating system.

The virus encrypts certain files on the computer and then blackmails the user for money in exchange for the access to the files.

It leaves the user with only two files: Instructions on what to do next and the Wanna Decryptor program itself.

The hackers asked for payments of around £230 ($300) in Bitcoin.

When opened the software tells users that their files have been encrypted and gives them a few days to pay up or their files will be deleted.

It can quickly spread through an entire network of computers in a business or hospital, encrypting files on every PC.