Cybersecurity researchers have identified a new vulnerability in a widely used networking software tool called Samba, leaving tens of thousands of computers potentially susceptible to yet another WannaCry-like cyberattack. The newly discovered vulnerability affects versions 3.5 and onwards of Samba, which is a free networking software developed for Linux and Unix computers.
Announcing the vulnerability on Wednesday, the US Department of Homeland Security said that it could be exploited by remote hackers to take control of an affected system. The federal agency also urged users and administrators to apply security updates released by Samba to fix the flaw.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," according to Samba's Security Announcement.
Rebekah Brown of Rapid7, a Boston-based cybersecurity company, told Reuters that there were no signs of hackers using the vulnerability so far. However, she also said that researchers took only 15 minutes to develop malware out of it, suggesting that the Samba loophole can be easily exploited.
Rapid7 said that its researchers have discovered more than 104,000 computers appear to be running vulnerable versions of Samba, with almost 90 percent (92,570) of them currently having no direct patch. Some of these computers apparently belong to organisations and companies, but the majority of them are used by home users.
"While the WannaCry ransomworm impacted Windows systems and was easily identifiable, with clear remediation steps, the Samba vulnerability will impact Linux and Unix systems and could present significant technical obstacles to obtaining or deploying appropriate remediations," Rapid7 said in a blog post.
According to researchers, hackers could potentially use the Samba vulnerability to create worm like the one which allowed WannaCry ransomware to spread so quickly.
Meanwhile, multiple malware tools have cropped up over the last few days, especially after WannaCry created havoc worldwide, affecting hundreds of thousands of computers in 150 countries. According to security researchers, malicious software like EternalRocks, XData and Athena could continue the cyber turmoil from where WannaCry had left off.