Leaked NSA Exploit SPREADING RANSOMWARE WORLDWIDE

Discussion in 'Cyber' started by Falcon, May 13, 2017.

  1. Falcon

    Falcon Major Staff Member Social Media Team

    LEAKED NSA EXPLOIT SPREADING RANSOMWARE WORLDWIDE
    by Michael Mimoso

    A ransomware attack running rampant through Europe today is spreading via an exploit leaked in the most recent ShadowBrokers dump.

    Researchers at Kaspersky Lab said the attackers behind today’s outbreak of WannaCry ransomware are using EternalBlue, the codename for an exploit made public by the mysterious group that is in possession of offensive hacking tools allegedly developed by the NSA.

    EternalBlue is a remote code execution attack taking advantage of a SMBv1 vulnerability in Windows. Microsoft patched the vulnerability on March 14, one month before the exploit was publicly leaked. Spain’s Computer Emergency Response Team, Kaspersky Lab, and others are recommending organizations install MS17-010 immediately on all unpatched Windows machines.

    Most of the attacks are concentrated in Russia, but machines in 74 countries have been infected; researchers at Kaspersky Lab said in a Securelist report published today they’ve recorded more than 45,000 infections so far on their sensors, and expect that number to climb.

    Sixteen National Health Service (NHS) organizations in the U.K., several large telecommunications companies and utilities in Spain, and other businesses worldwide have been infected. Critical services are being interrupted at hospitals across England, and in other locations, businesses are shutting down IT systems.

    The BBC reports that hospitals in London and other major cities in England have been hit. Patient care has been impacted at some hospitals with non-urgent surgeries being postponed and emergency patients redirected to other facilities.

    The Guardian said hospitals run by the East and North Hertfordshire NHS Trust, Barts Health in London, and other facilities in Southport and Blackpool are known to be down. The ransomware has locked admins out of email servers and medical staff cannot access patient and clinical systems.

    Read more:
    https://threatpost.com/leaked-nsa-exploit-spreading-ransomware-worldwide/125654/
     
  2. BlueHawk

    BlueHawk Captain

    The funny part the NSA is not thinking about: what bank account do these hackers have? Do you think I am the only one who is able to see this one? Would you pay 10 000 dollars to find out? Or maybe just hack the program itself to see what the bank account is?
     
  3. BlueHawk

    BlueHawk Captain

    And one more thing. Would it not be prestige to show the public that we have all the information: who they are, what bank account they have and what bank it is? Maybe the security is so good that they forget to think normally about what people demand and expect. Maybe all of them are tired of seeing all the crap you guys are delivering. But they don't say anything.
     
  4. hh2017

    hh2017 Officer Candidate

    The group that did the attack is from North Korea and/or works for North Korea.

    This first attack was easy to kill because all it took was one guy registering the domain name. The next wave of attack will not be as easy to stop because criminals do learn from their mistakes.

    The Bitcoin thing is harder to solve.

    Here is the basic idea of how it works/my understanding of it anyway:
    So, let's say you are that desperate company/government who pays the Bitcoin ransom that is demanded. The funds go into an account called a mixer/tumbler where lots of other funds from other places go in with it that are doing legal transactions. The funds are randomly mixed then paid out to hundreds of different users. This makes it impossible to trace/charge the criminal unless you arrest everyone.
     