"BlueKeep" attack hits unpatched Windows PCs

Security researchers have spotted the first mass-hacking campaign using the BlueKeep exploit; however, the exploit is not being used as a self-spreading worm, as Microsoft was afraid it would happen.

In May this year, Microsoft released a patch for the highly-critical remote code execution flaw in its Windows Remote Desktop Services that could be exploited remotely to take full control over vulnerable systems just by sending specially crafted requests over RDP.

But so far, the widespread BlueKeep hacking merely installs a cryptocurrency miner, leeching a victim's processing power to generate cryptocurrency. And rather than a worm that jumps unassisted from one computer to the next, these attackers appear to have scanned the internet for vulnerable machines to exploit. That makes this current wave unlikely to result in an epidemic.

"BlueKeep has been out there for a while now. But this is the first instance where I've seen it being used on a mass scale," says Marcus Hutchins, a malware researcher for security firm Kryptos Logic who was one of the first to build a working proof-of-concept for the BlueKeep vulnerability. "They're not seeking targets. They're scanning the internet and spraying exploits."

Read more -here-

• Microsoft is laying off as many as 9,000 employees
• NASA will start livestreaming content on Netflix later this summer
• The government's Apple antitrust lawsuit is still on
• Millions of printers open to hacks due to unpatchable security flaw
• Microsoft to retire the Blue Screen of Death for a Black Void
• Google rolls out Street View time travel to celebrate 20 years of Google Earth