Thursday, May 22, 2025
HomeMalwareStill More than 50,000 hosts are vulnerable to ETERNAL BLUE Exploit

Still More than 50,000 hosts are vulnerable to ETERNAL BLUE Exploit

Published on

SIEM as a Service

Follow Us on Google News

Eternal Blues, a tool used in finding computers and Endpoints vulnerable to the NSA’s ETERNALBLUE exploit. All we need to do is just to hit a scan, and it will generate the vulnerability report.

EternalBlue Malware infecting Windows based Server Message Block (SMB) protocol Developed By National Security (NSA) and believes that it has been released by Shadow Brokers hackers Group in April 2017 and it has been used for Wanna cry Cyber Attack.

Tool developer EladErez says the tool scanned more than 50,000 hosts vulnerable to ETERNALBLUE exploit.

- Advertisement - Google News
Still More than 50,000 hosts are vulnerable to ETERNAL BLUE Exploit

Also Read NSA Malware “EternalBlue” Successfully Exploit and Port into Microsoft Windows 10

Total number of Scans

Tool scanned almost 8 million IPs and France is the winner with 1.5 million scans, still a majority of hosts (53.82%)  still have SMBv1 enabled but most of them applied MS17-010 patch.

Microsoft recommends users to move for v2 or v3, newer and more secure versions of the protocol. 1 out of 9 hosts in a network is vulnerable to EternalBlue says EladErez.

Actually, the results are higher if the scan performed in local environments then there is no statistics, some users may set statistics disabled.

You can download the Scanner from EladErez homepage.

Also Read 6 Million Verizon Customers Data Leaked online Due to Misconfigured File Repository

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security

A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party...

Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication

A novel malware campaign targeting containerized infrastructures has emerged, exploiting insecurely exposed Docker APIs...

Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees

ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate...

PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram

A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication

A novel malware campaign targeting containerized infrastructures has emerged, exploiting insecurely exposed Docker APIs...

PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram

A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some...

Hazy Hawk Targets DNS Vulnerabilities to Hijack Cloud Resources and Spread Malware

The threat actor gained attention in February 2025 after successfully hijacking a subdomain of...