Skip to main content

New malware the size of WannaCry uncovered

(Image credit: Image Credit: JMiks / Shutterstock)

Security researchers have warned that more dangerous malware has been released from the recent NSA dump that resulted in the WannaCry ransomware outbreak.

Experts at Secarma (opens in new tab), have revealed that the attack could be hiding another malicious package which could be as dangerous as WannaCry.

The exploit is called 'ExplodingCan', and it is capable of infiltrating 'fully patched Windows 2003 servers offering IIS 6.0, under certain conditions'. Secarma claims that some 375,000 systems worldwide could be affected, including telecoms, banking, educational and government institutions.  

“After WannaCry hit, people were asking what is going to be the next attack. We've been analysing the dump of exploits that WannaCry was derived from and it’s clear that ExplodingCan is one to be significantly concerned about,” said Secarma managing director Paul Harris.

“Ultimately this is in the same risk category as the WannaCry attacks. It's another way for cybercriminals and hacking teams to access your environment and, once they’re in, the internal parts of these systems are wide open to a variety of different attack vectors. This could escalate exponentially with more ransomware attacks, as we saw affecting the NHS last month, but equally likely are more stealthy attacks which result in data breaches, the theft of intellectual property or sensitive information. All the user passwords of an entire organisation, for example an airline or NHS Trust, could be acquired and exploited for personal gain or end up for sale on the dark web.”

Secarma is looking into possible solutions and is in touch with Microsoft, but the problem is – Windows XP and Server 2003 are no longer supported. 

Image Credit: JMiks / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.