Published on July 8th, 2019 📆 | 6362 Views ⚑0
The world’s most famous and dangerous APT (state-developed) malware
EnternalBlue may not be malware per-se, in the classical meaning of the word, being more of an exploit, but it was still developed by a nation-state entity and should fit on this list. It was created by the NSA and became public in April 2017, when a group of mysterious hackers known as The Shadow Brokers published the code online.
After its release, it was first used in cryptocurrency mining campaigns, but it truly became a widely-known and recognizable term after it was embedded in the code of the three ransomware outbreaks of 2017, namely WannaCry, NetPetya, and Bad Rabbit.
Since then, EternalBlue has refused to die and has been widely used by all sorts of cyber-criminal operations, all of who use it as a mechanism for spreading to other systems inside compromised networks, by exploiting misconfigured SMBv1 clients on Windows computers.