After the first shock from WannaCry ransomware, one of the worst malware ever released, security researchers continue to analyze it. As we have seen so far, some different samples of ransomware have been detected by 400.
Security researchers from Trustlook announced today that 386 different instances of it have been recorded so far maliciousWannaCry software.
As you already know from previous publications, the WannaCry uses two tools hacking tools of the NSA that they leaked from Shadow Brokers hacking team. EternalBlue is a tool that exploits a vulnerability of Windows, while DoublePulsar helps spread the worm over networks.
The vulnerability in Windows is said to have been fixed by Microsoft, something that was needed to stop the attack, as it is believed that the original WannaCry infections did not come from a phishing campaign, but rather from the attackers who scanned for open ports.
As mentioned in a previous publication, Microsoft released another update for Windows XP.
But although many of us thought that those infected by the malware, they were using XP, a bit later the data showed that most of the devices that fell victim to WannaCry were running Windows 7.
The WannaCry was just the beginning, with its 386 samples. A new worm discovered by researchers, and called EternalRocks, uses seven NSA hacking tools, while WannaCry used only two. So far, EternalRocks has not been armed with any ransomware, trojans, etc., but this can happen at any time.
