After the first shock from WannaCry ransomware, one of the worst malware ever released, security researchers continue to analyze it. As we have seen so far, some different samples of ransomware have been detected by 400.
Security researchers from Trustlook today announced that 386 has been recorded so far with different samples of WannaCry malware.
As you already know from previous publications, the WannaCry uses two tools hacking tools of the NSA that they leaked from Shadow Brokers hacking team. EternalBlue is a tool that exploits a Windows vulnerability while DoublePulsar helps worm transmission over networks.
The vulnerability in Windows has reportedly been patched by Microsoft, which was needed to stop the attack, as the initial WannaCry infections are not believed to have come from a campaign Phishing (phishing), but rather by attackers who scanned for open ports.
As mentioned in a previous publication, Microsoft released another update for Windows XP.
But even though many of us thought that those infected with the malware were using XP, a little bit later the data showed that most of the devices that fell victim to WannaCry were running Windows 7.
The WannaCry was just the beginning, with its 386 samples. A new worm discovered by researchers, and called EternalRocks, uses seven hacking tools της NSA, ενώ το WannaCry χρησιμοποιούσε μόνο δύο. Μέχρι στιγμής, το EternalRocks δεν έχει οπλιστεί με κάποιο ransomware, trojan etc, but this can be done at any time.