According to a recent report, hundreds of thousands of computers running on dated versions of the Windows operating system are now at risk of being compromised, thanks to a vulnerability that could allow hackers to embed a mining malware from their end.
The flaw, which was named BlueKeep, is reported to have affected up to 700,000 individual computers already, as hackers have been more than happy to keep using it to remotely mine cryptocurrencies with older Windows computers. There have been several warnings about the flaw, as security experts have even deployed a patch to help fix it. Still, hackers have continued to find more sophisticated ways of embedding malware and compromising the private information of their targets.
BlueKeep Vulnerability Still Affects 700,000 Windows Computers
Surprisingly, the BlueKeep flaw was only discovered in May 2019, despite it affecting computers operating on Windows 7 and older. Microsoft revealed that millions of Windows devices running on the dates operating system were vulnerable to it, while adding that the flaw could also allow an automated worm to spread between computers.
The BlueKeep vulnerability enables a hacker to exploit Microsoft’s Remote Desktop Protocol and potentially gain complete remote code execution on unpatched machines. Hackers use it to install remote miners, thus using the processing power of the victim computer to enrich themselves.
Also, attackers seem to have found a method to scan the Internet for vulnerable machines to exploit. With this ability to anticipate possible targets, this current wave could easily result in malware epidemic. Marcus Hutchins, a malware researcher for security firm Kryptos Logic, was the first person to recognize a working proof-of-concept for the BlueKeep vulnerability. He claimed that while the vulnerability has been existent for a while, this is the first time that he is seeing it being exploited on a mass scale.
“They (the hackers) are not seeking targets. They’re scanning the Internet and spraying exploits,” he added.
Luckily, a recent patch has helped nip this issue in the bud. Still, the prevalent problem is that while these computers are old, many remain either blissfully unaware of the update or aren’t even bothered to make the switch to newer operating systems.
So, whether due to non‐deliberate ignorance or a lack of desire to move to a better platform (and/or device), these users could continue being milked for their processing power.
Things Could Potentially Get Worse
The prospect of having your computer exploited for gain is a concerning feature for malware. However, tech news medium PC Mag points out that hackers could be able to scan for operating systems that are connected to the net, thus creating the chance of a single script affecting multiple computers.
With this access, malware could move from simply mining crypto assets to mining data on behalf of the attackers as well.