443:
patch to recent
Windows users and customers of its $ 1,000 per device Extended Support contracts, a move that left organisations such the UK's NHS vulnerable to the WannaCry attack. A month after the patch was first released, Microsoft took the rare step of making it available for free to users of all vulnerable Windows editions dating back to Windows XP.
414:, initially attributed this attack to EternalBlue; in a memoir published in February 2021, Perlroth clarified that EternalBlue had not been responsible for the Baltimore cyberattack, while criticizing others for pointing out "the technical detail that in this particular case, the ransomware attack had not spread with EternalBlue".
417:
Since 2012, four
Baltimore City chief information officers have been fired or have resigned; two left while under investigation. Some security researchers said that the responsibility for the Baltimore breach lay with the city for not updating their computers. Security consultant Rob Graham wrote in
442:
Knight First
Amendment Institute, have criticised Microsoft for shifting the blame to the NSA, arguing that it should be held responsible for releasing a defective product in the same way a car manufacturer might be. The company was faulted for initially restricting the release of its EternalBlue
281:
The NSA did not alert
Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand. The agency then warned Microsoft after learning about EternalBlue's possible theft, allowing the company to prepare a software patch issued in March 2017, after
208:. The NSA knew about this vulnerability but did not disclose it to Microsoft for several years, since they planned to use it as a defense mechanism against cyber attacks. In 2017, the NSA discovered that the software was stolen by a group of hackers known as the
963:
636:
231:, used the EternalBlue exploit to attack computers using Windows that had not received the latest system updates removing the vulnerability. On June 27, 2017, the exploit was again used to help carry out the
1346:
1472:
216:
the vulnerability. While this was happening, the hacker group attempted to auction off the software, but did not succeed in finding a buyer. EternalBlue was then publicly released on April 14, 2017.
408:
by digital extortionists; the attack froze thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services. Nicole
Perlroth, writing for
438:
stolen". The stockpiling strategy prevented
Microsoft from knowing of (and subsequently patching) this bug, and presumably other hidden bugs. However several commentators, including Alex Abdo of
380:
At the end of 2018, millions of systems were still vulnerable to
EternalBlue. This has led to millions of dollars in damages due primarily to ransomware worms. Following the massive impact of
1901:
1921:
418:
a tweet: "If an organization has substantial numbers of
Windows machines that have gone 2 years without patches, then that’s squarely the fault of the organization, not EternalBlue."
466:
program that infected 230,000 computers in May 2017 only uses two NSA exploits, so researchers believe
EternalRocks to be significantly more dangerous. The worm was discovered via a
1049:
1329:
531:
670:
1587:
1207:
1292:
1480:
335:
started to use the
EternalBlue vulnerability to spread itself. The next day (May 13, 2017), Microsoft released emergency security patches for the unsupported
2073:
1613:
392:
caused over $ 1 billion worth of damages in over 65 countries, using EternalBlue as either an initial compromise vector or as a method of lateral movement.
3066:
1891:
1835:
728:
549:
1458:
1160:
1232:
607:
699:
1402:
941:
1076:
797:
426:
After the WannaCry attack, Microsoft took "first responsibility to address these issues", but criticized government agencies like the NSA and
1881:
1650:
2005:
878:
271:
430:
for stockpiling vulnerabilities rather than disclosing them, writing that "an equivalent scenario with conventional weapons would be the
3056:
2419:
1886:
1373:
2553:
2535:
2036:
1814:
1580:
1131:
493:
The malware even names itself WannaCry to avoid detection from security researchers. Unlike WannaCry, EternalRocks does not possess a
3061:
2559:
2085:
2046:
1681:
506:
1860:
1311:
1347:"The need for urgent collective action to keep people safe online: Lessons from last week's cyberattack - Microsoft on the Issues"
2619:
2565:
2140:
2031:
991:
405:
1182:
1967:
1804:
1706:
733:
2026:
1799:
848:
242:, after they likely found and re-purposed the software, as well as reported to have been used as part of the Retefe banking
278:
mishandles specially crafted packets from remote attackers, allowing them to remotely execute code on the target computer.
1906:
1618:
1608:
1573:
2780:
2170:
1957:
1896:
1855:
1753:
328:
publicly released the EternalBlue exploit code on April 14, 2017, along with several other hacking tools from the NSA.
2275:
2010:
1773:
427:
189:
96:
585:
2964:
2305:
2160:
1952:
1845:
1789:
431:
332:
239:
2445:
2414:
2041:
567:
435:
232:
197:
2583:
2150:
2068:
1974:
1947:
243:
193:
2739:
2403:
1876:
1809:
1655:
479:
2613:
2469:
2300:
1962:
482:, a private network that conceals Internet activity, to access its hidden servers. After a brief 24 hour "
290:, March 14, 2017, Microsoft issued security bulletin MS17-010, which detailed the flaw and announced that
462:
that infects Microsoft Windows. It uses seven exploits developed by the NSA. Comparatively, the WannaCry
2754:
2589:
2373:
1737:
1258:
820:
274:(CVE) catalog. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of
2517:
2398:
2110:
1819:
1768:
1763:
1545:
1312:"Baltimore political leaders seek briefings after report that NSA tool was used in ransomware attack"
1023:
467:
359:
259:
1102:
937:
363:
3016:
2888:
1916:
1732:
1378:
968:
787:
439:
344:
319:
315:
311:
294:
had been released for all Windows versions that were currently supported at that time, these being
228:
177:
173:
169:
165:
1428:
1161:"Microsoft release Wannacrypt patch for unsupported Windows XP, Windows 8 and Windows Server 2003"
729:"'President Trump what the f**k are you doing' say Shadow Brokers and dump more NSA hacking tools"
3026:
3021:
2918:
2547:
2310:
2236:
1926:
1727:
825:
410:
367:
325:
209:
1550:
1531:
486:", the server then responds to the malware request by downloading and self-replicating on the "
389:
355:
3031:
2913:
2883:
2487:
2343:
1701:
1665:
1323:
1054:
883:
644:
483:
371:
283:
275:
238:
The exploit was also reported to have been used since March 2016 by the Chinese hacking group
213:
201:
2959:
2811:
2734:
2383:
2320:
2195:
1644:
1555:
1107:
938:"Vulnerability CVE-2017-0144 in SMB exploited by WannaCryptor ransomware to spread over LAN"
792:
263:
205:
2969:
2944:
2908:
2836:
2749:
2744:
2388:
2180:
2090:
1794:
1136:
964:"NSA officials worried about the day its potent hacking tool would get loose. Then it did"
637:"NSA officials worried about the day its potent hacking tool would get loose. Then it did"
512:
1502:
2708:
2703:
2393:
2378:
2368:
2363:
2295:
2270:
2265:
2260:
2205:
1660:
1050:"Microsoft Releases Patch for Older Windows Versions to Protect Against Wana Decrypt0r"
915:
550:"TrojanDownloader:Win32/Eterock.A threat description - Microsoft Security Intelligence"
487:
291:
106:
50:
1473:"Newly identified ransomware 'EternalRocks' is more dangerous than 'WannaCry' - Tech2"
331:
Many Windows users had not installed the Microsoft patches when, on May 12, 2017, the
3050:
2831:
2290:
2249:
2245:
2241:
910:
459:
295:
287:
220:
145:
1132:"Wanna Decryptor: The NSA-derived ransomware worm shutting down computers worldwide"
2775:
2729:
2529:
2493:
2348:
2338:
2231:
2226:
2221:
2095:
1911:
1840:
704:
612:
351:
137:
1559:
1208:"NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000"
873:
267:
3011:
3001:
2949:
2857:
2801:
2713:
2662:
2353:
2080:
1711:
906:"Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability"
494:
350:
In February 2018, EternalBlue was ported to all Windows operating systems since
303:
157:
57:
755:
532:"Trojan:Win32/EternalBlue threat description - Microsoft Security Intelligence"
2954:
2939:
2867:
2657:
2607:
2511:
2463:
2439:
2427:
2285:
2210:
2200:
2190:
2175:
2135:
2060:
1691:
463:
374:
336:
307:
224:
161:
141:
133:
129:
125:
121:
648:
212:. Microsoft was informed of this and released security updates in March 2017
2985:
2862:
2826:
2816:
2688:
2505:
2255:
2185:
2125:
1686:
1080:
1001:
996:
401:
340:
299:
255:
204:
that allowed users to gain access to any number of computers connected to a
153:
149:
43:
31:
671:"An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak"
2893:
2821:
2806:
2625:
2601:
2475:
2457:
2358:
2280:
2115:
2100:
2000:
1979:
1758:
905:
760:
385:
381:
1293:"Eternally Blue: Baltimore City leaders blame NSA for ransomware attack"
2923:
2796:
2759:
2693:
2672:
2642:
2595:
2577:
2499:
2433:
2215:
2130:
2120:
2105:
1565:
608:"NSA-leaking Shadow Brokers just dumped its most damaging release yet"
3006:
2898:
2852:
2667:
2481:
2451:
2330:
2315:
2145:
1984:
1696:
788:"The Strange Journey of an NSA Zero-Day—Into Multiple Enemies' Hands"
700:"An NSA-derived ransomware worm is shutting down computers worldwide"
675:
64:
1459:"New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two"
1278:
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race
366:, two other exploits originally developed by the NSA and leaked by
2631:
2571:
2541:
1850:
1233:"One Year After WannaCry, EternalBlue Exploit Is Bigger Than Ever"
370:, were also ported at the same event. They were made available as
2903:
2698:
1942:
1429:"Microsoft held back free patch that could have slowed WannaCry"
819:
Perlroth, Nicole; Scott, Mark; Frenkel, Sheera (June 27, 2017).
586:"Win32/Exploit.Equation.EternalSynergy.A | ESET Virusradar"
81:
1569:
1403:"Microsoft faulted over ransomware while shifting blame to NSA"
992:"Microsoft has already patched the NSA's leaked Windows hacks"
1259:"In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc"
849:"EternalBlue Exploit Used in Retefe Banking Trojan Campaign"
1882:
Hollywood Presbyterian Medical Center ransomware incident
1551:
Microsoft Update Catalog entries for EternalBlue patches
1374:"Microsoft slams US government over global cyber attack"
568:"TROJ_ETEROCK.A - Threat Encyclopedia - Trend Micro USA"
821:"Cyberattack Hits Ukraine Then Spreads Internationally"
756:"'NSA malware' released by Shadow Brokers hacker group"
262:(SMB) protocol. This vulnerability is denoted by entry
1103:"The Ransomware Meltdown Experts Warned About Is Here"
2994:
2978:
2932:
2876:
2845:
2789:
2768:
2722:
2681:
2650:
2641:
2412:
2329:
2159:
2059:
2019:
1993:
1935:
1869:
1828:
1782:
1746:
1720:
1674:
1637:
1630:
117:
112:
102:
92:
26:
21:
1427:Waters, Richard; Kuchler, Hannah (May 17, 2017).
1024:"Microsoft Security Bulletin MS17-010 – Critical"
635:Nakashima, Ellen; Timberg, Craig (May 16, 2017).
1922:Russian interference in the 2016 U.S. elections
1257:Perlroth, Nicole; Shane, Scott (May 25, 2019).
1581:
8:
1328:: CS1 maint: multiple names: authors list (
781:
779:
1892:Democratic National Committee cyber attacks
1532:"EternalBlue – Everything There Is To Know"
2647:
1836:Office of Personnel Management data breach
1634:
1588:
1574:
1566:
1310:Rector, Ian Duncan, Kevin (May 26, 2019).
1183:"Customer Guidance for WannaCrypt attacks"
879:CVE - Common Vulnerabilities and Exposures
282:delaying its regular release of security
254:EternalBlue exploits a vulnerability in
1453:
1451:
1449:
523:
80:Win32/Exploit.Equation.EternalSynergy (
1530:Grossman, Nadav (September 29, 2017).
1321:
18:
1341:
1339:
1276:Perlroth, Nicole (February 9, 2021).
669:Fox-Brewster, Thomas (May 12, 2017).
601:
599:
7:
1546:Microsoft Security Bulletin MS17-010
272:Common Vulnerabilities and Exposures
1887:Commission on Elections data breach
1101:Newman, Lily Hay (March 12, 2017).
3067:Windows communication and services
246:since at least September 5, 2017.
14:
2047:Jeff Bezos phone hacking incident
1048:Cimpanu, Catalin (May 13, 2017).
944:from the original on May 16, 2017
800:from the original on May 12, 2019
507:BlueKeep (security vulnerability)
358:security researcher Sean Dillon.
42:TrojanDownloader:Win32/Eterock. (
2620:Microarchitectural Data Sampling
1856:Ukrainian Power Grid Cyberattack
1764:Cyberterrorism attack of June 25
1291:Gallagher, Sean (May 28, 2019).
1077:"Windows Vista Lifecycle Policy"
727:Ghosh, Agamoni (April 9, 2017).
1968:2017 Ukraine ransomware attacks
1805:2014 JPMorgan Chase data breach
1372:Titcomb, James (May 15, 2017).
786:Greenberg, Andy (May 7, 2019).
734:International Business Times UK
192:software developed by the U.S.
1800:2014 celebrity nude photo leak
1479:. May 22, 2017. Archived from
990:Warren, Tom (April 15, 2017).
886:. September 9, 2016. p. 1
606:Goodin, Dan (April 14, 2017).
235:on more vulnerable computers.
30:L** Trojan:Win32/EternalBlue (
1:
2037:Bulgarian revenue agency hack
1815:Russian hacker password theft
1503:"Miroslav Stampar on Twitter"
396:City of Baltimore cyberattack
2171:Bangladesh Black Hat Hackers
1647:(publication of 2009 events)
1130:Goodin, Dan (May 15, 2017).
698:Goodin, Dan (May 12, 2017).
478:EternalRocks first installs
2032:Baltimore ransomware attack
1401:Bass, Dina (May 16, 2017).
918:. March 14, 2017. p. 1
3083:
3057:Computer security exploits
2306:Tailored Access Operations
1953:WannaCry ransomware attack
1846:Ashley Madison data breach
1790:Anthem medical data breach
1707:PlayStation network outage
333:WannaCry ransomware attack
2042:WhatsApp snooping scandal
1907:Indian Bank data breaches
1601:
509:– A similar vulnerability
400:In May 2019, the city of
258:'s implementation of the
233:2017 NotPetya cyberattack
16:Computer security exploit
3062:National Security Agency
2584:Speculative Store Bypass
2151:Ukrainian Cyber Alliance
1948:2017 Macron e-mail leaks
1237:www.bleepingcomputer.com
1212:www.bleepingcomputer.com
196:(NSA). It is based on a
194:National Security Agency
1958:Westminster data breach
1877:Bangladesh Bank robbery
1820:2014 Yahoo! data breach
1810:2014 Sony Pictures hack
1769:2013 Yahoo! data breach
1754:South Korea cyberattack
1656:Operation Olympic Games
1651:Australian cyberattacks
1351:Microsoft on the Issues
497:and is not ransomware.
70:Troj/Eterocks- (Sophos)
2301:Syrian Electronic Army
2011:SingHealth data breach
1774:Singapore cyberattacks
1712:RSA SecurID compromise
1159:Surur (May 13, 2017).
940:. ESET North America.
170:Windows Server 2003 R2
2590:Lazy FP state restore
2374:Kristoffer von Hassel
2027:Sri Lanka cyberattack
1897:Vietnam Airport Hacks
1738:Operation High Roller
1028:technet.microsoft.com
884:The MITRE Corporation
440:Columbia University's
286:in February 2017. On
2536:Silent Bob is Silent
1596:Hacking in the 2010s
1562:Entry in CVE catalog
260:Server Message Block
2470:SS7 vulnerabilities
2006:Atlanta cyberattack
1975:Equifax data breach
1733:Stratfor email leak
1682:Canadian government
1661:Operation ShadowNet
969:The Washington Post
434:having some of its
345:Windows Server 2003
320:Windows Server 2016
316:Windows Server 2012
312:Windows Server 2008
219:On May 12, 2017, a
178:Windows Server 2016
174:Windows Server 2012
166:Windows Server 2003
22:Eternal - Anonymous
2919:Petya and NotPetya
2548:ROCA vulnerability
2311:The Shadow Brokers
2237:Iranian Cyber Army
2163:persistent threats
1963:Petya and NotPetya
1927:2016 Bitfinex hack
1902:DCCC cyber attacks
1861:SWIFT banking hack
1263:The New York Times
826:The New York Times
590:www.virusradar.com
572:www.trendmicro.com
456:MicroBotMassiveNet
411:The New York Times
368:The Shadow Brokers
326:The Shadow Brokers
49:W32.Eternalrocks (
3044:
3043:
3040:
3039:
3032:ZeroAccess botnet
2344:Mustafa Al-Bassam
2111:New World Hackers
2074:associated events
2055:
2054:
1851:VTech data breach
1702:Operation AntiSec
1666:Operation Payback
1625:
1624:
1055:Bleeping Computer
554:www.microsoft.com
536:www.microsoft.com
484:incubation period
436:Tomahawk missiles
404:struggled with a
276:Microsoft Windows
202:Microsoft Windows
183:
182:
113:Technical details
3074:
2648:
2321:Yemen Cyber Army
1645:Operation Aurora
1635:
1604:
1603:
1590:
1583:
1576:
1567:
1535:
1518:
1517:
1515:
1513:
1499:
1493:
1492:
1490:
1488:
1469:
1463:
1462:
1455:
1444:
1443:
1441:
1439:
1424:
1418:
1417:
1415:
1413:
1398:
1392:
1391:
1389:
1387:
1369:
1363:
1362:
1360:
1358:
1343:
1334:
1333:
1327:
1319:
1316:baltimoresun.com
1307:
1301:
1300:
1288:
1282:
1281:
1273:
1267:
1266:
1254:
1248:
1247:
1245:
1243:
1229:
1223:
1222:
1220:
1218:
1204:
1198:
1197:
1195:
1193:
1178:
1172:
1171:
1169:
1167:
1156:
1150:
1149:
1147:
1145:
1127:
1121:
1120:
1118:
1116:
1098:
1092:
1091:
1089:
1087:
1073:
1067:
1066:
1064:
1062:
1045:
1039:
1038:
1036:
1034:
1020:
1014:
1013:
1011:
1009:
987:
981:
980:
978:
976:
960:
954:
953:
951:
949:
934:
928:
927:
925:
923:
902:
896:
895:
893:
891:
870:
864:
863:
861:
859:
845:
839:
838:
836:
834:
816:
810:
809:
807:
805:
783:
774:
773:
771:
769:
764:. April 10, 2017
752:
746:
745:
743:
741:
724:
718:
717:
715:
713:
695:
689:
688:
686:
684:
666:
660:
659:
657:
655:
632:
626:
625:
623:
621:
603:
594:
593:
582:
576:
575:
564:
558:
557:
546:
540:
539:
528:
19:
3082:
3081:
3077:
3076:
3075:
3073:
3072:
3071:
3047:
3046:
3045:
3036:
2990:
2974:
2928:
2872:
2841:
2785:
2764:
2718:
2677:
2637:
2417:
2415:vulnerabilities
2408:
2325:
2218:(confederation)
2181:Charming Kitten
2162:
2155:
2091:Goatse Security
2051:
2015:
1989:
1980:Deloitte breach
1931:
1917:Dyn cyberattack
1865:
1824:
1795:Operation Tovar
1778:
1742:
1716:
1670:
1631:Major incidents
1626:
1597:
1594:
1542:
1529:
1526:
1524:Further reading
1521:
1511:
1509:
1501:
1500:
1496:
1486:
1484:
1483:on June 4, 2017
1471:
1470:
1466:
1457:
1456:
1447:
1437:
1435:
1433:Financial Times
1426:
1425:
1421:
1411:
1409:
1400:
1399:
1395:
1385:
1383:
1371:
1370:
1366:
1356:
1354:
1345:
1344:
1337:
1320:
1309:
1308:
1304:
1290:
1289:
1285:
1275:
1274:
1270:
1256:
1255:
1251:
1241:
1239:
1231:
1230:
1226:
1216:
1214:
1206:
1205:
1201:
1191:
1189:
1180:
1179:
1175:
1165:
1163:
1158:
1157:
1153:
1143:
1141:
1137:Ars Technica UK
1129:
1128:
1124:
1114:
1112:
1100:
1099:
1095:
1085:
1083:
1075:
1074:
1070:
1060:
1058:
1047:
1046:
1042:
1032:
1030:
1022:
1021:
1017:
1007:
1005:
989:
988:
984:
974:
972:
962:
961:
957:
947:
945:
936:
935:
931:
921:
919:
904:
903:
899:
889:
887:
874:"CVE-2017-0144"
872:
871:
867:
857:
855:
847:
846:
842:
832:
830:
818:
817:
813:
803:
801:
785:
784:
777:
767:
765:
754:
753:
749:
739:
737:
726:
725:
721:
711:
709:
697:
696:
692:
682:
680:
668:
667:
663:
653:
651:
641:Washington Post
634:
633:
629:
619:
617:
605:
604:
597:
584:
583:
579:
566:
565:
561:
548:
547:
543:
530:
529:
525:
521:
513:Petya (malware)
503:
476:
449:
424:
398:
360:EternalChampion
252:
223:in the form of
76:Synergy Variant
63:Mal/Eterocks- (
56:TROJ_ETEROCK. (
17:
12:
11:
5:
3080:
3078:
3070:
3069:
3064:
3059:
3049:
3048:
3042:
3041:
3038:
3037:
3035:
3034:
3029:
3024:
3019:
3014:
3009:
3004:
2998:
2996:
2992:
2991:
2989:
2988:
2982:
2980:
2976:
2975:
2973:
2972:
2967:
2962:
2957:
2952:
2947:
2942:
2936:
2934:
2930:
2929:
2927:
2926:
2921:
2916:
2911:
2906:
2901:
2896:
2891:
2886:
2880:
2878:
2874:
2873:
2871:
2870:
2865:
2860:
2855:
2849:
2847:
2843:
2842:
2840:
2839:
2834:
2829:
2824:
2819:
2814:
2809:
2804:
2802:Black Energy 3
2799:
2793:
2791:
2787:
2786:
2784:
2783:
2778:
2772:
2770:
2766:
2765:
2763:
2762:
2757:
2752:
2747:
2742:
2737:
2732:
2726:
2724:
2720:
2719:
2717:
2716:
2711:
2709:Metulji botnet
2706:
2701:
2696:
2691:
2685:
2683:
2679:
2678:
2676:
2675:
2670:
2665:
2663:Black Energy 2
2660:
2654:
2652:
2645:
2639:
2638:
2636:
2635:
2629:
2623:
2617:
2611:
2605:
2599:
2593:
2587:
2581:
2575:
2569:
2563:
2557:
2551:
2545:
2539:
2533:
2527:
2521:
2518:Broadcom Wi-Fi
2515:
2509:
2503:
2497:
2491:
2485:
2479:
2473:
2467:
2461:
2455:
2449:
2443:
2437:
2431:
2424:
2422:
2410:
2409:
2407:
2406:
2401:
2396:
2391:
2386:
2381:
2379:Junaid Hussain
2376:
2371:
2369:Jeremy Hammond
2366:
2364:Elliott Gunton
2361:
2356:
2351:
2346:
2341:
2335:
2333:
2327:
2326:
2324:
2323:
2318:
2313:
2308:
2303:
2298:
2296:Stealth Falcon
2293:
2288:
2283:
2278:
2273:
2271:PLA Unit 61486
2268:
2266:PLA Unit 61398
2263:
2261:Numbered Panda
2258:
2253:
2239:
2234:
2229:
2224:
2219:
2213:
2208:
2206:Equation Group
2203:
2198:
2193:
2188:
2183:
2178:
2173:
2167:
2165:
2157:
2156:
2154:
2153:
2148:
2143:
2138:
2133:
2128:
2123:
2118:
2113:
2108:
2103:
2098:
2093:
2088:
2083:
2078:
2077:
2076:
2065:
2063:
2057:
2056:
2053:
2052:
2050:
2049:
2044:
2039:
2034:
2029:
2023:
2021:
2017:
2016:
2014:
2013:
2008:
2003:
1997:
1995:
1991:
1990:
1988:
1987:
1982:
1977:
1972:
1971:
1970:
1960:
1955:
1950:
1945:
1939:
1937:
1933:
1932:
1930:
1929:
1924:
1919:
1914:
1909:
1904:
1899:
1894:
1889:
1884:
1879:
1873:
1871:
1867:
1866:
1864:
1863:
1858:
1853:
1848:
1843:
1838:
1832:
1830:
1826:
1825:
1823:
1822:
1817:
1812:
1807:
1802:
1797:
1792:
1786:
1784:
1780:
1779:
1777:
1776:
1771:
1766:
1761:
1756:
1750:
1748:
1744:
1743:
1741:
1740:
1735:
1730:
1724:
1722:
1718:
1717:
1715:
1714:
1709:
1704:
1699:
1697:HBGary Federal
1694:
1689:
1684:
1678:
1676:
1672:
1671:
1669:
1668:
1663:
1658:
1653:
1648:
1641:
1639:
1632:
1628:
1627:
1623:
1622:
1616:
1611:
1602:
1599:
1598:
1595:
1593:
1592:
1585:
1578:
1570:
1564:
1563:
1553:
1548:
1541:
1540:External links
1538:
1537:
1536:
1525:
1522:
1520:
1519:
1494:
1464:
1445:
1419:
1407:Bloomberg News
1393:
1364:
1353:. May 14, 2017
1335:
1302:
1283:
1268:
1249:
1224:
1199:
1173:
1151:
1122:
1093:
1068:
1040:
1015:
982:
955:
929:
897:
865:
840:
811:
775:
747:
719:
690:
661:
627:
595:
577:
559:
541:
522:
520:
517:
516:
515:
510:
502:
499:
475:
472:
448:
445:
423:
422:Responsibility
420:
397:
394:
364:EternalRomance
251:
248:
240:Buckeye (APT3)
210:Shadow Brokers
188:is a computer
181:
180:
119:
115:
114:
110:
109:
107:Equation Group
104:
100:
99:
94:
90:
89:
88:
87:
86:
85:
73:
72:
71:
68:
61:
54:
47:
28:
27:Technical name
24:
23:
15:
13:
10:
9:
6:
4:
3:
2:
3079:
3068:
3065:
3063:
3060:
3058:
3055:
3054:
3052:
3033:
3030:
3028:
3025:
3023:
3020:
3018:
3015:
3013:
3010:
3008:
3005:
3003:
3000:
2999:
2997:
2993:
2987:
2984:
2983:
2981:
2977:
2971:
2968:
2966:
2963:
2961:
2958:
2956:
2953:
2951:
2948:
2946:
2943:
2941:
2938:
2937:
2935:
2931:
2925:
2922:
2920:
2917:
2915:
2912:
2910:
2907:
2905:
2902:
2900:
2897:
2895:
2892:
2890:
2887:
2885:
2882:
2881:
2879:
2875:
2869:
2866:
2864:
2861:
2859:
2856:
2854:
2851:
2850:
2848:
2844:
2838:
2835:
2833:
2832:Gameover ZeuS
2830:
2828:
2825:
2823:
2820:
2818:
2815:
2813:
2810:
2808:
2805:
2803:
2800:
2798:
2795:
2794:
2792:
2788:
2782:
2779:
2777:
2774:
2773:
2771:
2767:
2761:
2758:
2756:
2753:
2751:
2748:
2746:
2743:
2741:
2738:
2736:
2733:
2731:
2728:
2727:
2725:
2721:
2715:
2712:
2710:
2707:
2705:
2702:
2700:
2697:
2695:
2692:
2690:
2687:
2686:
2684:
2680:
2674:
2671:
2669:
2666:
2664:
2661:
2659:
2656:
2655:
2653:
2649:
2646:
2644:
2640:
2633:
2630:
2627:
2624:
2621:
2618:
2615:
2612:
2609:
2606:
2603:
2600:
2597:
2594:
2591:
2588:
2585:
2582:
2579:
2576:
2573:
2570:
2567:
2564:
2561:
2558:
2555:
2552:
2549:
2546:
2543:
2540:
2537:
2534:
2531:
2528:
2525:
2522:
2519:
2516:
2513:
2510:
2507:
2504:
2501:
2498:
2495:
2492:
2489:
2486:
2483:
2480:
2477:
2474:
2471:
2468:
2465:
2462:
2459:
2456:
2453:
2450:
2447:
2444:
2441:
2438:
2435:
2432:
2429:
2426:
2425:
2423:
2421:
2416:
2411:
2405:
2402:
2400:
2397:
2395:
2392:
2390:
2387:
2385:
2382:
2380:
2377:
2375:
2372:
2370:
2367:
2365:
2362:
2360:
2357:
2355:
2352:
2350:
2347:
2345:
2342:
2340:
2337:
2336:
2334:
2332:
2328:
2322:
2319:
2317:
2314:
2312:
2309:
2307:
2304:
2302:
2299:
2297:
2294:
2292:
2291:Rocket Kitten
2289:
2287:
2284:
2282:
2279:
2277:
2274:
2272:
2269:
2267:
2264:
2262:
2259:
2257:
2254:
2251:
2247:
2243:
2242:Lazarus Group
2240:
2238:
2235:
2233:
2230:
2228:
2225:
2223:
2220:
2217:
2214:
2212:
2209:
2207:
2204:
2202:
2199:
2197:
2194:
2192:
2189:
2187:
2184:
2182:
2179:
2177:
2174:
2172:
2169:
2168:
2166:
2164:
2158:
2152:
2149:
2147:
2144:
2142:
2139:
2137:
2134:
2132:
2129:
2127:
2124:
2122:
2119:
2117:
2114:
2112:
2109:
2107:
2104:
2102:
2099:
2097:
2094:
2092:
2089:
2087:
2084:
2082:
2079:
2075:
2072:
2071:
2070:
2067:
2066:
2064:
2062:
2058:
2048:
2045:
2043:
2040:
2038:
2035:
2033:
2030:
2028:
2025:
2024:
2022:
2018:
2012:
2009:
2007:
2004:
2002:
1999:
1998:
1996:
1992:
1986:
1985:Disqus breach
1983:
1981:
1978:
1976:
1973:
1969:
1966:
1965:
1964:
1961:
1959:
1956:
1954:
1951:
1949:
1946:
1944:
1941:
1940:
1938:
1934:
1928:
1925:
1923:
1920:
1918:
1915:
1913:
1910:
1908:
1905:
1903:
1900:
1898:
1895:
1893:
1890:
1888:
1885:
1883:
1880:
1878:
1875:
1874:
1872:
1868:
1862:
1859:
1857:
1854:
1852:
1849:
1847:
1844:
1842:
1839:
1837:
1834:
1833:
1831:
1827:
1821:
1818:
1816:
1813:
1811:
1808:
1806:
1803:
1801:
1798:
1796:
1793:
1791:
1788:
1787:
1785:
1781:
1775:
1772:
1770:
1767:
1765:
1762:
1760:
1759:Snapchat hack
1757:
1755:
1752:
1751:
1749:
1745:
1739:
1736:
1734:
1731:
1729:
1728:LinkedIn hack
1726:
1725:
1723:
1719:
1713:
1710:
1708:
1705:
1703:
1700:
1698:
1695:
1693:
1690:
1688:
1685:
1683:
1680:
1679:
1677:
1673:
1667:
1664:
1662:
1659:
1657:
1654:
1652:
1649:
1646:
1643:
1642:
1640:
1636:
1633:
1629:
1621: →
1620:
1617:
1615:
1612:
1610:
1607:←
1606:
1605:
1600:
1591:
1586:
1584:
1579:
1577:
1572:
1571:
1568:
1561:
1557:
1554:
1552:
1549:
1547:
1544:
1543:
1539:
1533:
1528:
1527:
1523:
1508:
1504:
1498:
1495:
1482:
1478:
1474:
1468:
1465:
1460:
1454:
1452:
1450:
1446:
1434:
1430:
1423:
1420:
1408:
1404:
1397:
1394:
1381:
1380:
1379:The Telegraph
1375:
1368:
1365:
1352:
1348:
1342:
1340:
1336:
1331:
1325:
1317:
1313:
1306:
1303:
1298:
1294:
1287:
1284:
1280:. Bloomsbury.
1279:
1272:
1269:
1264:
1260:
1253:
1250:
1238:
1234:
1228:
1225:
1213:
1209:
1203:
1200:
1188:
1187:microsoft.com
1184:
1177:
1174:
1162:
1155:
1152:
1139:
1138:
1133:
1126:
1123:
1110:
1109:
1104:
1097:
1094:
1082:
1078:
1072:
1069:
1057:
1056:
1051:
1044:
1041:
1029:
1025:
1019:
1016:
1003:
999:
998:
993:
986:
983:
975:September 25,
971:
970:
965:
959:
956:
943:
939:
933:
930:
917:
913:
912:
911:SecurityFocus
907:
901:
898:
885:
881:
880:
875:
869:
866:
858:September 26,
854:
850:
844:
841:
828:
827:
822:
815:
812:
799:
795:
794:
789:
782:
780:
776:
763:
762:
757:
751:
748:
736:
735:
730:
723:
720:
707:
706:
701:
694:
691:
678:
677:
672:
665:
662:
650:
646:
642:
638:
631:
628:
615:
614:
609:
602:
600:
596:
591:
587:
581:
578:
573:
569:
563:
560:
555:
551:
545:
542:
537:
533:
527:
524:
518:
514:
511:
508:
505:
504:
500:
498:
496:
491:
489:
485:
481:
473:
471:
469:
465:
461:
460:computer worm
457:
453:
446:
444:
441:
437:
433:
432:U.S. military
429:
421:
419:
415:
413:
412:
407:
403:
395:
393:
391:
387:
383:
378:
376:
373:
369:
365:
361:
357:
353:
348:
346:
342:
338:
334:
329:
327:
323:
321:
317:
313:
309:
305:
301:
297:
296:Windows Vista
293:
289:
285:
279:
277:
273:
269:
265:
261:
257:
249:
247:
245:
241:
236:
234:
230:
226:
222:
221:computer worm
217:
215:
211:
207:
203:
199:
198:vulnerability
195:
191:
187:
179:
175:
171:
167:
163:
159:
155:
151:
147:
146:Windows Vista
143:
139:
135:
131:
127:
123:
120:
116:
111:
108:
105:
101:
98:
95:
91:
83:
79:
78:
77:
74:
69:
66:
62:
59:
55:
52:
48:
45:
41:
40:
39:
38:Rocks Variant
36:
35:
33:
29:
25:
20:
2776:CryptoLocker
2530:DoublePulsar
2523:
2349:Cyber Anakin
2339:Ryan Ackroyd
2232:Helix Kitten
2227:Hacking Team
2222:Guccifer 2.0
2096:Lizard Squad
1912:Surkov leaks
1841:Hacking Team
1510:. Retrieved
1506:
1497:
1485:. Retrieved
1481:the original
1476:
1467:
1436:. Retrieved
1432:
1422:
1410:. Retrieved
1406:
1396:
1384:. Retrieved
1377:
1367:
1355:. Retrieved
1350:
1315:
1305:
1297:Ars Technica
1296:
1286:
1277:
1271:
1262:
1252:
1242:February 20,
1240:. Retrieved
1236:
1227:
1215:. Retrieved
1211:
1202:
1190:. Retrieved
1186:
1176:
1164:. Retrieved
1154:
1142:. Retrieved
1135:
1125:
1113:. Retrieved
1106:
1096:
1084:. Retrieved
1071:
1059:. Retrieved
1053:
1043:
1031:. Retrieved
1027:
1018:
1006:. Retrieved
995:
985:
973:. Retrieved
967:
958:
946:. Retrieved
932:
920:. Retrieved
909:
900:
888:. Retrieved
877:
868:
856:. Retrieved
852:
843:
831:. Retrieved
824:
814:
802:. Retrieved
791:
766:. Retrieved
759:
750:
738:. Retrieved
732:
722:
710:. Retrieved
705:Ars Technica
703:
693:
681:. Retrieved
674:
664:
654:December 19,
652:. Retrieved
640:
630:
618:. Retrieved
613:Ars Technica
611:
589:
580:
571:
562:
553:
544:
535:
526:
492:
477:
455:
452:EternalRocks
451:
450:
447:EternalRocks
425:
416:
409:
399:
379:
372:open sourced
352:Windows 2000
349:
330:
324:
280:
253:
237:
227:, nicknamed
218:
185:
184:
138:Windows 2000
75:
37:
3012:NetTraveler
2950:LogicLocker
2858:Hidden Tear
2755:Red October
2614:Dragonblood
2524:EternalBlue
2488:Stagefright
2354:George Hotz
2331:Individuals
2081:CyberBerkut
1382:. p. 1
1217:February 5,
1181:MSRC Team.
1140:. p. 1
1111:. p. 1
1004:. p. 1
829:. p. 1
708:. p. 1
679:. p. 1
616:. p. 1
495:kill switch
490:" machine.
406:cyberattack
304:Windows 8.1
186:EternalBlue
158:Windows 8.1
58:Trend Micro
3051:Categories
2955:Rensenware
2940:BrickerBot
2868:TeslaCrypt
2658:Bad Rabbit
2608:Foreshadow
2512:Cloudbleed
2464:Row hammer
2446:Shellshock
2440:Heartbleed
2428:Evercookie
2404:The Jester
2286:Red Apollo
2246:BlueNorOff
2216:GOSSIPGIRL
2211:Fancy Bear
2201:Elfin Team
2196:DarkMatter
2191:Dark Basin
2176:Bureau 121
2136:Teamp0ison
2061:Hacktivism
1692:DNSChanger
853:Threatpost
804:August 19,
519:References
464:ransomware
375:Metasploit
337:Windows XP
308:Windows 10
225:ransomware
162:Windows 10
142:Windows XP
134:Windows NT
130:Windows Me
126:Windows 98
122:Windows 95
2986:VPNFilter
2863:Rombertik
2827:FinFisher
2817:DarkHotel
2781:DarkSeoul
2689:Coreflood
2554:BlueBorne
2506:Dirty COW
2420:disclosed
2418:publicly
2256:NSO Group
2186:Cozy Bear
2126:PayPal 14
2069:Anonymous
1943:SHAttered
1687:DigiNotar
1560:2017-0144
1438:March 11,
1412:March 11,
1108:wired.com
1081:Microsoft
1008:April 25,
1002:Vox Media
997:The Verge
768:April 10,
740:April 10,
649:0190-8286
474:Infection
402:Baltimore
390:BadRabbit
377:modules.
356:RiskSense
341:Windows 8
300:Windows 7
268:2017-0144
256:Microsoft
154:Windows 8
150:Windows 7
44:Microsoft
32:Microsoft
3027:Titanium
2970:XafeCopy
2965:WannaCry
2894:KeRanger
2822:Duqu 2.0
2807:Carbanak
2626:BlueKeep
2602:SigSpoof
2560:Meltdown
2476:WinShock
2458:Rootpipe
2359:Guccifer
2281:Pranknet
2276:PLATINUM
2250:AndAriel
2161:Advanced
2116:NullCrew
2101:LulzRaft
2001:Trustico
1614:Timeline
1386:June 28,
1357:June 28,
1324:cite web
942:Archived
922:June 28,
916:Symantec
890:June 28,
833:June 27,
798:Archived
761:BBC News
501:See also
468:honeypot
386:NotPetya
382:WannaCry
229:WannaCry
214:patching
118:Platform
51:Symantec
2924:X-Agent
2914:Pegasus
2797:Brambul
2760:Shamoon
2704:Kelihos
2694:Alureon
2673:Stuxnet
2643:Malware
2596:TLBleed
2578:Exactis
2566:Spectre
2500:Badlock
2434:iSeeYou
2399:Topiary
2131:RedHack
2121:OurMine
2106:LulzSec
1512:May 30,
1507:Twitter
1487:May 25,
1192:May 13,
1166:May 13,
1144:May 15,
1115:May 13,
1086:May 13,
1061:May 13,
1033:May 13,
948:May 16,
712:May 13,
683:May 13,
620:May 13,
384:, both
292:patches
288:Tuesday
284:patches
270:in the
250:Details
206:network
190:exploit
103:Authors
97:Exploit
3007:Joanap
2960:Triton
2899:Necurs
2889:Jigsaw
2884:Hitler
2853:Dridex
2812:Careto
2735:Dexter
2668:SpyEye
2634:(2019)
2628:(2019)
2622:(2019)
2616:(2019)
2610:(2018)
2604:(2018)
2598:(2018)
2592:(2018)
2586:(2018)
2580:(2018)
2574:(2018)
2568:(2018)
2562:(2018)
2556:(2017)
2550:(2017)
2544:(2017)
2538:(2017)
2532:(2017)
2526:(2017)
2520:(2017)
2514:(2017)
2508:(2016)
2502:(2016)
2496:(2016)
2490:(2015)
2484:(2015)
2482:JASBUG
2478:(2014)
2472:(2014)
2466:(2014)
2460:(2014)
2454:(2014)
2452:POODLE
2448:(2014)
2442:(2014)
2436:(2013)
2430:(2010)
2413:Major
2394:Track2
2316:xDedic
2146:UGNazi
676:Forbes
647:
343:, and
318:, and
244:trojan
65:Sophos
3022:Tinba
2909:Mirai
2837:Regin
2750:Mahdi
2745:Flame
2730:Carna
2714:Stars
2632:Kr00k
2572:EFAIL
2542:KRACK
2494:DROWN
1619:2020s
1609:2000s
1477:Tech2
793:Wired
458:is a
3017:R2D2
3002:Grum
2995:2019
2979:2018
2945:Kirk
2933:2017
2904:MEMZ
2877:2016
2846:2015
2790:2014
2769:2013
2723:2012
2699:Duqu
2682:2011
2651:2010
2389:Sabu
2141:TDO
2086:GNAA
2020:2019
1994:2018
1936:2017
1870:2016
1829:2015
1783:2014
1747:2013
1721:2012
1675:2011
1638:2010
1514:2017
1489:2017
1440:2022
1414:2022
1388:2017
1359:2017
1330:link
1244:2019
1219:2018
1194:2017
1168:2017
1146:2017
1117:2017
1088:2017
1063:2017
1035:2017
1010:2019
977:2017
950:2017
924:2017
892:2017
860:2017
835:2017
806:2019
770:2017
742:2017
714:2017
685:2017
656:2017
645:ISSN
622:2017
488:host
388:and
362:and
93:Type
82:ESET
2740:FBI
2384:MLT
2248:) (
1556:CVE
480:Tor
454:or
428:CIA
354:by
264:CVE
200:in
3053::
1505:.
1475:.
1448:^
1431:.
1405:.
1376:.
1349:.
1338:^
1326:}}
1322:{{
1314:.
1295:.
1261:.
1235:.
1210:.
1185:.
1134:.
1105:.
1079:.
1052:.
1026:.
1000:.
994:.
966:.
914:.
908:.
882:.
876:.
851:.
823:.
796:.
790:.
778:^
758:.
731:.
702:.
673:.
643:.
639:.
610:.
598:^
588:.
570:.
552:.
534:.
470:.
347:.
339:,
322:.
314:,
310:,
306:,
302:,
298:,
176:,
172:,
168:,
164:,
160:,
156:,
152:,
148:,
144:,
140:,
136:,
132:,
128:,
124:,
34:)
2252:)
2244:(
1589:e
1582:t
1575:v
1558:-
1534:.
1516:.
1491:.
1461:.
1442:.
1416:.
1390:.
1361:.
1332:)
1318:.
1299:.
1265:.
1246:.
1221:.
1196:.
1170:.
1148:.
1119:.
1090:.
1065:.
1037:.
1012:.
979:.
952:.
926:.
894:.
862:.
837:.
808:.
772:.
744:.
716:.
687:.
658:.
624:.
592:.
574:.
556:.
538:.
266:-
84:)
67:)
60:)
53:)
46:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.