Search results
Results From The WOW.Com Content Network
EternalBlue [5] is a computer exploit software developed by the U.S. National Security Agency (NSA). [6] It is based on a vulnerability in Microsoft Windows that allowed users to gain access to any number of computers connected to a network. The NSA knew about this vulnerability but did not disclose it to Microsoft for several years, since they ...
DoublePulsar is a backdoor implant tool developed by the U.S. National Security Agency's (NSA) Equation Group that was leaked by The Shadow Brokers in early 2017. [3] [citation needed] The tool infected more than 200,000 Microsoft Windows computers in only a few weeks, [4] [5] [3] [6] [7] and was used alongside EternalBlue in the May 2017 WannaCry ransomware attack.
The Shadow Brokers (TSB) is a hacker group who first appeared in the summer of 2016. [1] [2] They published several leaks containing hacking tools, including several zero-day exploits, [1] from the "Equation Group" who are widely suspected to be a branch of the National Security Agency (NSA) of the United States.
A number of experts highlighted the NSA's non-disclosure of the underlying vulnerability, and their loss of control over the EternalBlue attack tool that exploited it. Edward Snowden said that if the NSA had "privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, the attack may not have happened". [107]
The "NotPetya" variant used in the 2017 attack uses EternalBlue, an exploit that takes advantage of a vulnerability in Windows' Server Message Block (SMB) protocol. EternalBlue is generally believed to have been developed by the U.S. National Security Agency (NSA); [28] it was leaked in April 2017 and was also used by WannaCry.
Eternal Blue may refer to: EternalBlue, a National Security Agency (USA) cyberattack exploit; Eternal Blue, a 2021 album by Spiritbox which takes its name from the exploit; Lunar: Eternal Blue, a role-playing video game by Game Arts and Studio Alex
With many of the Zealot exploits being leaked from the NSA, the malware suite is widely described as having “an unusually high obfuscated payload”, meaning that the exploit works on multiple levels to attack the vulnerable server systems, causing large amounts of damage. [4]
The leaked tools were developed by the Equation Group, a cyberwarfare group with suspected ties to the NSA. [19] Among the tools leaked by the Shadow Brokers was EternalBlue, which the NSA had used to exploit bugs in Microsoft Windows. [5] This prompted Microsoft to issue updates to guard against the tool. [8]