Although the most important weaknesses have been fixed by the latest security update of Windows patching Eternalblue, the fact that there is still a large pool of vulnerable systems that WannaCry did not infect means that computers running on Windows XP can soon become easy targets for further infections, Szappanos said in a press release sent to the Budapest Business Journal.

Szappanos warned that, based on the latest trends, “if one technique proves to be successful, many copycat groups jump on it.” He added that the first signs of this are already showing, such as the Uiwix ransomware and the Adylkuzz bitcoin miner. “This tendency is expected to go on,” he noted.

“We don’t expect cybercriminals to use a new unknown vulnerability. Remote code execution vulnerabilities, such as the one attacked by WannaCry, are very rare nowadays, and cybercriminals don’t have access to new, unpatched vulnerabilities. It takes some time for a vulnerability to reach cybercrime groups, and by that time it is usually fixed a long time ago,” Szappanos said.

“I also don’t expect that criminals would use worms to use the vulnerabilities revealed by the Shadow Brokers leak. They would prefer more containable solutions, as worms can easily get out of control – as happened with WannaCry. More likely they are going to use the vulnerabilities to infect computers manually, injecting the malware into target systems, but the malware themselves will not have a spreading capability,” Szappanos added.

By Christian Keszthelyi

Source: BBJ

Republished with permission