A worm is a form of self replicating malware. Worms will replicate themselves and send copies across a network. Worms employ a wide variety of techniques to replicate themselves to include network protocols, software, or e-mail. This type of malware can be incredibly destructive because worms can spread so quickly. Once a worm has infected a network, perimeter defenses are useless.
Some famous examples of worms include ILOVEYOU, Wannacry, and the Morris Worm.
Wannacry was released in 2017 and used a National Security Agency (NSA) exploit known as Eternal Blue. Eternal Blue was an exploit created by the NSA to serve as a backdoor into Windows devices.
CVE-2017-0143 to CVE-2017-0148 correspond to Eternal Blue and this exploit can affect Windows 7, Windows Server 2008, Windows XP, and Windows 10 devices through port 445. Though, multiple patches have been created to address this exploit since 2017.
Wannacry uses the Eternal Blue exploit to conduct ransomware attacks. The target’s hard drive is encrypted and a message is sent to the victim demanding payment in exchange for decryption. Many people are pressured to accept the ransom demands because of the value of their files. Wannacry has hundreds of thousands of computers since its creation.
This video lesson is part of the Cyberkraft CompTIA Security+ Course. Get certified in one week and earn $85,000 per year as a certified Security+ cyber security professional.