After the first shock from WannaCry ransomware, one of the worst malware ever released, security researchers continue to analyze it. As we have seen so far, some different samples of ransomware have been detected by 400.
Security researchers from Trustlook today announced that 386 has been recorded so far with different samples of WannaCry malware.
As you already know from previous publications, the WannaCry uses two tools hacking tools of the NSA leaked by Shadow Brokers hacking team. EternalBlue is a tool that exploits a Windows vulnerability while DoublePulsar helps worm transmission over networks.
The vulnerability in Windows is said to have been fixed by Microsoft, something that was needed to stop the attack, as it is believed that the original WannaCry infections did not come from a phishing campaign, but rather from the attackers who scanned for open ports.
As mentioned in a previous publication, Microsoft released another update for Windows XP.
But even though many of us thought that those infected with the malware were using XP, a little bit later the data showed that most of the devices that fell victim to WannaCry were running Windows 7.
The WannaCry was just the beginning, with its 386 samples. A new worm discovered by researchers, and called EternalRocks, uses seven NSA hacking tools, while WannaCry uses only two. So far, EternalRocks has not been armed with a ransomware, trojan, etc. but this can be done at any time.