Researchers at security firm Guardicore Labs have discovered a significant cryptomining attack that hides malware in WAV audio files and spreads through outdated Windows 7 machines.
According to the initial report by Guardicore, security researchers Ophir Harpaz and Daniel Goldberg revealed how a medical technology business was attacked with a Monero cryptominer hidden inside a WAV audio file. The attackers were able to exploit the EternalBlue vulnerability on the network's Windows 7 machines.
The report states:
“The victim network was infected with a well-obfuscated malware, hiding a Monero cryptominer inside WAV files. The attacker attempted to propagate within the organization by infecting machines running Windows 7 – an operating system soon becoming End-of-Life – and exploiting the infamous EternalBlue vulnerability.”
In an interview with Forbes, researcher Daniel Goldberg called the security risk for Windows 7 users “crazy high.”
“The risks are crazy high to organizations facing this WAV-based attack if they are running a Windows 7 system after EoL. Before the quarter is over, there will be other vulnerabilities discovered in Windows 7 too that will not be fixed by Microsoft and will also be easy to exploit.”
Goldberg recommended updating all systems still running Windows 7, or isolating machines that cannot be upgraded from the rest of the network.