New malware could be as dangerous as WannaCry

Security researchers have warned that more dangerous malware has been released from the recent NSA dump that resulted in the WannaCry ransomware outbreak.

Experts at Secarma have revealed that the attack could be hiding another malicious package, which could be as dangerous as WannaCry.

The exploit is called "ExplodingCan," and it is capable of infiltrating "fully patched Windows 2003 servers offering IIS 6.0, under certain conditions." Secarma claims that some 375,000 systems worldwide could be affected, including telecoms, banking, educational and government institutions.

"After WannaCry hit, people were asking what is going to be the next attack. We've been analyzing the dump of exploits that WannaCry was derived from and it’s clear that ExplodingCan is one to be significantly concerned about," says Secarma managing director Paul Harris.

"Ultimately this is in the same risk category as the WannaCry attacks. It's another way for cybercriminals and hacking teams to access your environment and, once they’re in, the internal parts of these systems are wide open to a variety of different attack vectors. This could escalate exponentially with more ransomware attacks, as we saw affecting the NHS last month, but equally likely are more stealthy attacks which result in data breaches, the theft of intellectual property or sensitive information. All the user passwords of an entire organization, for example an airline or NHS Trust, could be acquired and exploited for personal gain or end up for sale on the dark web."

Secarma is looking into possible solutions and is in touch with Microsoft, but the problem is Windows XP and Server 2003 are no longer supported.

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.

Photo Credit: fotogestoeber/Shutterstock