EternalBlue is one of the handful of “exploitation tools” leaked by a group called The Shadow Brokers (TSB) that take advantage of weaknesses in how Windows implemented the Server Message Block (SMB) protocol. The WannaCry and NotPetya ransomware strains used this exploit to target unpatched systems. For more information, see this blog post on how threat actors are using SMB vulnerabilities in their attack campaigns.
| CARVIEW |
Select Language
HTTP/2 301
server: nginx
date: Fri, 10 Oct 2025 03:22:52 GMT
content-type: text/html; charset=utf-8
location: https://www.malwarebytes.com/cybersecurity/eternalblue/
x-redirect-by: Yoast SEO Premium
x-rq: bom4 0 30 9980
x-cache: MISS
strict-transport-security: max-age=31536000
HTTP/2 301
server: nginx
date: Fri, 10 Oct 2025 03:22:53 GMT
content-type: text/html; charset=UTF-8
location: https://www.malwarebytes.com/glossary/eternalblue
host-header: a9130478a60e5f9135f765b23f26593b
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-redirect-by: WordPress
x-cache: MISS
x-rq: bom4 0 30 9980
strict-transport-security: max-age=31536000
HTTP/2 200
server: nginx
date: Fri, 10 Oct 2025 03:22:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Origin
x-pingback: https://www.malwarebytes.com/xmlrpc.php
host-header: a9130478a60e5f9135f765b23f26593b
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
link: ; rel="alternate"; title="JSON"; type="application/json"
link: ; rel=shortlink
content-encoding: gzip
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
x-cache: MISS
x-rq: bom4 0 30 9980
strict-transport-security: max-age=31536000
EternalBlue | Malwarebytes Glossary