What’s the next big threat after WannaCry? A new malware called EternalRock

eternalRock

The dust has still not settled on the WannaCry malware that affected thousands of computers around the world and we have amidst us a new threat called EternalRock.

A few days ago, Miroslav Stamper who is a cyber security expert working for the Croatian government, tweeted about a new malware called EternalRock that leverages multiple vulnerabilities that got surfaced from the NSA hack. If you have to compare WannaCry to EternalRock, just think about the fact that WannaCry only used two expolits. EternalRock is therefore a far more dangerous threat.

Why EternalRock is different from WannaCry?

WannaCry is a Trojan virus that when affects your computer, will hold it ‘hostage’. This means that the malware will block access to all your files and folders until you pay a ransom to decrypt the files.

EternalRock on the other hand does not do anything for the first twenty four hours after getting injected in the system. In then starts downloading more malwares to your system from the dark web. This makes it even harder to detect by anti-malware and anti-virus software’s. Moreover, like WannaCry, EternalRocks does not have a ‘kill switch’ so it’s not easy to get rid of it, so to speak.

While the impact that EternalRock can cause in the desktop and mobile ecosystem is not known at this time, it has the potential to cause massive disruption in cyber security.

Consequences on the mobile app ecosystem

The mobile app ecosystem is huge and is growing at a rapid pace. Millions of apps are downloaded everyday on various mobile platforms be it Android, iOS or Windows. A malware like EternalRock gaining access to mobile devices has disaster written all over it.

Do you remember Flappy Bird, a mobile game that went viral? In a short span of time this game was being downloaded all over the world on millions of devices. Let’s say that EternalRock was packaged by its author in a neat game like Flappy Bird and introduced in the mobile app ecosystem. You can just imagine the consequences.

Now Flappy Bird was a free game. Let’s take a popular paid game, like Monument Valley, where users have to pay to download the game as well as for in-game purchases. Can you imagine the amount of personal data that can be stolen from the users by a malware like EternalRock? It will be huge.

Also, it can result in huge revenue loss for the company and they will have their reputation at stake. Not to forget the multiple data breaches!

What's the solution?

The only way to prevent the above mentioned situation is to protect your mobile app from being exploited. Here’s when Quixxi comes to your rescue.

Quixxi offers a unique security wrapper which is a multilayered binary protection engine. It uses military grade cryptography technology and security algorithms to prevent reverse engineering, decompilation, malware attacks and tampering.

In addition to this, you get access to the Quixxi control modules:

  1. Licensing: Helps minimize unauthorized use of your mobile app. You can identify threats and turn losses into revenue.
  2. System diagnostics: Helps in tracking technical issues and fixing them automatically before the users report the problem.
  3. User analytics: Intelligent analytical data to give you the key insights on your user base.
  4. Patcher: Helps in bug fixes between app version releases. Can be used for individual devices, user groups or the entire install base.

Conclusion

The mobile app ecosystem is always susceptible to hacks and malware attacks such as EternalRock and you need to be prepared for it. Quixxi prevents you getting into such situations thereby protecting your data, revenue and reputation.

To get more information about Quixxi and if you have an app, get a free vulnerability test now.