454:
patch to recent
Windows users and customers of its $ 1,000 per device Extended Support contracts, a move that left organisations such the UK's NHS vulnerable to the WannaCry attack. A month after the patch was first released, Microsoft took the rare step of making it available for free to users of all vulnerable Windows editions dating back to Windows XP.
425:, initially attributed this attack to EternalBlue; in a memoir published in February 2021, Perlroth clarified that EternalBlue had not been responsible for the Baltimore cyberattack, while criticizing others for pointing out "the technical detail that in this particular case, the ransomware attack had not spread with EternalBlue".
428:
Since 2012, four
Baltimore City chief information officers have been fired or have resigned; two left while under investigation. Some security researchers said that the responsibility for the Baltimore breach lay with the city for not updating their computers. Security consultant Rob Graham wrote in
453:
Knight First
Amendment Institute, have criticised Microsoft for shifting the blame to the NSA, arguing that it should be held responsible for releasing a defective product in the same way a car manufacturer might be. The company was faulted for initially restricting the release of its EternalBlue
292:
The NSA did not alert
Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand. The agency then warned Microsoft after learning about EternalBlue's possible theft, allowing the company to prepare a software patch issued in March 2017, after
219:. The NSA knew about this vulnerability but did not disclose it to Microsoft for several years, since they planned to use it as a defense mechanism against cyber attacks. In 2017, the NSA discovered that the software was stolen by a group of hackers known as the
974:
647:
242:, used the EternalBlue exploit to attack computers using Windows that had not received the latest system updates removing the vulnerability. On June 27, 2017, the exploit was again used to help carry out the
1357:
1483:
227:
the vulnerability. While this was happening, the hacker group attempted to auction off the software, but did not succeed in finding a buyer. EternalBlue was then publicly released on April 14, 2017.
419:
by digital extortionists; the attack froze thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services. Nicole
Perlroth, writing for
449:
stolen". The stockpiling strategy prevented
Microsoft from knowing of (and subsequently patching) this bug, and presumably other hidden bugs. However several commentators, including Alex Abdo of
391:
At the end of 2018, millions of systems were still vulnerable to
EternalBlue. This has led to millions of dollars in damages due primarily to ransomware worms. Following the massive impact of
1912:
1932:
429:
a tweet: "If an organization has substantial numbers of
Windows machines that have gone 2 years without patches, then that’s squarely the fault of the organization, not EternalBlue."
477:
program that infected 230,000 computers in May 2017 only uses two NSA exploits, so researchers believe
EternalRocks to be significantly more dangerous. The worm was discovered via a
1060:
1340:
542:
681:
1598:
1218:
1303:
1491:
346:
started to use the
EternalBlue vulnerability to spread itself. The next day (May 13, 2017), Microsoft released emergency security patches for the unsupported
2084:
1624:
403:
caused over $ 1 billion worth of damages in over 65 countries, using EternalBlue as either an initial compromise vector or as a method of lateral movement.
3077:
1902:
1846:
739:
560:
1469:
1171:
1243:
618:
710:
1413:
952:
1087:
808:
437:
After the WannaCry attack, Microsoft took "first responsibility to address these issues", but criticized government agencies like the NSA and
1892:
1661:
2016:
889:
282:
441:
for stockpiling vulnerabilities rather than disclosing them, writing that "an equivalent scenario with conventional weapons would be the
3067:
2430:
1897:
1384:
2564:
2546:
2047:
1825:
1591:
1142:
504:
The malware even names itself WannaCry to avoid detection from security researchers. Unlike WannaCry, EternalRocks does not possess a
3072:
2570:
2096:
2057:
1692:
517:
1871:
1322:
1358:"The need for urgent collective action to keep people safe online: Lessons from last week's cyberattack - Microsoft on the Issues"
2630:
2576:
2151:
2042:
1002:
416:
1193:
1978:
1815:
1717:
744:
2037:
1810:
859:
253:, after they likely found and re-purposed the software, as well as reported to have been used as part of the Retefe banking
289:
mishandles specially crafted packets from remote attackers, allowing them to remotely execute code on the target computer.
1917:
1629:
1619:
1584:
2791:
2181:
1968:
1907:
1866:
1764:
339:
publicly released the EternalBlue exploit code on April 14, 2017, along with several other hacking tools from the NSA.
2286:
2021:
1784:
438:
200:
107:
596:
2975:
2316:
2171:
1963:
1856:
1800:
442:
343:
250:
2456:
2425:
2052:
578:
446:
243:
208:
2594:
2161:
2079:
1985:
1958:
254:
204:
2750:
2414:
1887:
1820:
1666:
490:
2624:
2480:
2311:
1973:
493:, a private network that conceals Internet activity, to access its hidden servers. After a brief 24 hour "
301:, March 14, 2017, Microsoft issued security bulletin MS17-010, which detailed the flaw and announced that
473:
that infects Microsoft Windows. It uses seven exploits developed by the NSA. Comparatively, the WannaCry
2765:
2600:
2384:
1748:
1269:
831:
285:(CVE) catalog. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of
2528:
2409:
2121:
1830:
1779:
1774:
1556:
1323:"Baltimore political leaders seek briefings after report that NSA tool was used in ransomware attack"
1034:
478:
370:
270:
1113:
948:
374:
3027:
2899:
1927:
1743:
1389:
979:
798:
450:
355:
330:
326:
322:
305:
had been released for all Windows versions that were currently supported at that time, these being
239:
188:
184:
180:
176:
1439:
1172:"Microsoft release Wannacrypt patch for unsupported Windows XP, Windows 8 and Windows Server 2003"
740:"'President Trump what the f**k are you doing' say Shadow Brokers and dump more NSA hacking tools"
3037:
3032:
2929:
2558:
2321:
2247:
1937:
1738:
836:
421:
378:
336:
220:
1561:
1542:
497:", the server then responds to the malware request by downloading and self-replicating on the "
400:
366:
3042:
2924:
2894:
2498:
2354:
1712:
1676:
1334:
1065:
894:
655:
494:
382:
294:
286:
249:
The exploit was also reported to have been used since March 2016 by the Chinese hacking group
224:
212:
2970:
2822:
2745:
2394:
2331:
2206:
1655:
1566:
1118:
949:"Vulnerability CVE-2017-0144 in SMB exploited by WannaCryptor ransomware to spread over LAN"
803:
274:
216:
2980:
2955:
2919:
2847:
2760:
2755:
2399:
2191:
2101:
1805:
1147:
975:"NSA officials worried about the day its potent hacking tool would get loose. Then it did"
648:"NSA officials worried about the day its potent hacking tool would get loose. Then it did"
523:
1513:
2719:
2714:
2404:
2389:
2379:
2374:
2306:
2281:
2276:
2271:
2216:
1671:
1061:"Microsoft Releases Patch for Older Windows Versions to Protect Against Wana Decrypt0r"
926:
561:"TrojanDownloader:Win32/Eterock.A threat description - Microsoft Security Intelligence"
498:
302:
117:
61:
1484:"Newly identified ransomware 'EternalRocks' is more dangerous than 'WannaCry' - Tech2"
342:
Many Windows users had not installed the Microsoft patches when, on May 12, 2017, the
3061:
2842:
2301:
2260:
2256:
2252:
921:
470:
306:
298:
231:
156:
1143:"Wanna Decryptor: The NSA-derived ransomware worm shutting down computers worldwide"
2786:
2740:
2540:
2504:
2359:
2349:
2242:
2237:
2232:
2106:
1922:
1851:
715:
623:
362:
148:
1570:
1219:"NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000"
884:
278:
3022:
3012:
2960:
2868:
2812:
2724:
2673:
2364:
2091:
1722:
917:"Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability"
505:
361:
In February 2018, EternalBlue was ported to all Windows operating systems since
314:
168:
68:
766:
543:"Trojan:Win32/EternalBlue threat description - Microsoft Security Intelligence"
2965:
2950:
2878:
2668:
2618:
2522:
2474:
2450:
2438:
2296:
2221:
2211:
2201:
2186:
2146:
2071:
1702:
474:
385:
347:
318:
235:
172:
152:
144:
140:
136:
132:
659:
223:. Microsoft was informed of this and released security updates in March 2017
2996:
2873:
2837:
2827:
2699:
2516:
2266:
2196:
2136:
1697:
1091:
1012:
1007:
412:
351:
310:
266:
215:
that allowed users to gain access to any number of computers connected to a
164:
160:
54:
42:
17:
682:"An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak"
2904:
2832:
2817:
2636:
2612:
2486:
2468:
2369:
2291:
2126:
2111:
2011:
1990:
1769:
916:
771:
396:
392:
1304:"Eternally Blue: Baltimore City leaders blame NSA for ransomware attack"
2934:
2807:
2770:
2704:
2683:
2653:
2606:
2588:
2510:
2444:
2226:
2141:
2131:
2116:
1576:
619:"NSA-leaking Shadow Brokers just dumped its most damaging release yet"
3017:
2909:
2863:
2678:
2492:
2462:
2341:
2326:
2156:
1995:
1707:
799:"The Strange Journey of an NSA Zero-Day—Into Multiple Enemies' Hands"
711:"An NSA-derived ransomware worm is shutting down computers worldwide"
686:
75:
1470:"New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two"
1289:
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race
377:, two other exploits originally developed by the NSA and leaked by
2642:
2582:
2552:
1861:
1244:"One Year After WannaCry, EternalBlue Exploit Is Bigger Than Ever"
381:, were also ported at the same event. They were made available as
2914:
2709:
1953:
1440:"Microsoft held back free patch that could have slowed WannaCry"
830:
Perlroth, Nicole; Scott, Mark; Frenkel, Sheera (June 27, 2017).
597:"Win32/Exploit.Equation.EternalSynergy.A | ESET Virusradar"
92:
1580:
1414:"Microsoft faulted over ransomware while shifting blame to NSA"
1003:"Microsoft has already patched the NSA's leaked Windows hacks"
1270:"In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc"
860:"EternalBlue Exploit Used in Retefe Banking Trojan Campaign"
1893:
Hollywood Presbyterian Medical Center ransomware incident
1562:
Microsoft Update Catalog entries for EternalBlue patches
1385:"Microsoft slams US government over global cyber attack"
579:"TROJ_ETEROCK.A - Threat Encyclopedia - Trend Micro USA"
832:"Cyberattack Hits Ukraine Then Spreads Internationally"
767:"'NSA malware' released by Shadow Brokers hacker group"
273:(SMB) protocol. This vulnerability is denoted by entry
1114:"The Ransomware Meltdown Experts Warned About Is Here"
3005:
2989:
2943:
2887:
2856:
2800:
2779:
2733:
2692:
2661:
2652:
2423:
2340:
2170:
2070:
2030:
2004:
1946:
1880:
1839:
1793:
1757:
1731:
1685:
1648:
1641:
128:
123:
113:
103:
37:
32:
1438:Waters, Richard; Kuchler, Hannah (May 17, 2017).
1035:"Microsoft Security Bulletin MS17-010 – Critical"
646:Nakashima, Ellen; Timberg, Craig (May 16, 2017).
1933:Russian interference in the 2016 U.S. elections
1268:Perlroth, Nicole; Shane, Scott (May 25, 2019).
1592:
8:
1339:: CS1 maint: multiple names: authors list (
792:
790:
1903:Democratic National Committee cyber attacks
1543:"EternalBlue – Everything There Is To Know"
2658:
1847:Office of Personnel Management data breach
1645:
1599:
1585:
1577:
1321:Rector, Ian Duncan, Kevin (May 26, 2019).
1194:"Customer Guidance for WannaCrypt attacks"
890:CVE - Common Vulnerabilities and Exposures
293:delaying its regular release of security
265:EternalBlue exploits a vulnerability in
1464:
1462:
1460:
534:
91:Win32/Exploit.Equation.EternalSynergy (
1541:Grossman, Nadav (September 29, 2017).
1332:
29:
1352:
1350:
1287:Perlroth, Nicole (February 9, 2021).
680:Fox-Brewster, Thomas (May 12, 2017).
612:
610:
7:
1557:Microsoft Security Bulletin MS17-010
283:Common Vulnerabilities and Exposures
1898:Commission on Elections data breach
1112:Newman, Lily Hay (March 12, 2017).
3078:Windows communication and services
257:since at least September 5, 2017.
25:
2058:Jeff Bezos phone hacking incident
1059:Cimpanu, Catalin (May 13, 2017).
955:from the original on May 16, 2017
811:from the original on May 12, 2019
518:BlueKeep (security vulnerability)
369:security researcher Sean Dillon.
53:TrojanDownloader:Win32/Eterock. (
2631:Microarchitectural Data Sampling
1867:Ukrainian Power Grid Cyberattack
1775:Cyberterrorism attack of June 25
1302:Gallagher, Sean (May 28, 2019).
1088:"Windows Vista Lifecycle Policy"
738:Ghosh, Agamoni (April 9, 2017).
1979:2017 Ukraine ransomware attacks
1816:2014 JPMorgan Chase data breach
1383:Titcomb, James (May 15, 2017).
797:Greenberg, Andy (May 7, 2019).
745:International Business Times UK
203:software developed by the U.S.
1811:2014 celebrity nude photo leak
1490:. May 22, 2017. Archived from
1001:Warren, Tom (April 15, 2017).
897:. September 9, 2016. p. 1
617:Goodin, Dan (April 14, 2017).
246:on more vulnerable computers.
41:L** Trojan:Win32/EternalBlue (
1:
2048:Bulgarian revenue agency hack
1826:Russian hacker password theft
1514:"Miroslav Stampar on Twitter"
407:City of Baltimore cyberattack
2182:Bangladesh Black Hat Hackers
1658:(publication of 2009 events)
1141:Goodin, Dan (May 15, 2017).
709:Goodin, Dan (May 12, 2017).
489:EternalRocks first installs
2043:Baltimore ransomware attack
1412:Bass, Dina (May 16, 2017).
929:. March 14, 2017. p. 1
3094:
3068:Computer security exploits
2317:Tailored Access Operations
1964:WannaCry ransomware attack
1857:Ashley Madison data breach
1801:Anthem medical data breach
1718:PlayStation network outage
344:WannaCry ransomware attack
2053:WhatsApp snooping scandal
1918:Indian Bank data breaches
1612:
520:– A similar vulnerability
411:In May 2019, the city of
269:'s implementation of the
244:2017 NotPetya cyberattack
27:Computer security exploit
3073:National Security Agency
2595:Speculative Store Bypass
2162:Ukrainian Cyber Alliance
1959:2017 Macron e-mail leaks
1248:www.bleepingcomputer.com
1223:www.bleepingcomputer.com
207:(NSA). It is based on a
205:National Security Agency
1969:Westminster data breach
1888:Bangladesh Bank robbery
1831:2014 Yahoo! data breach
1821:2014 Sony Pictures hack
1780:2013 Yahoo! data breach
1765:South Korea cyberattack
1667:Operation Olympic Games
1662:Australian cyberattacks
1362:Microsoft on the Issues
508:and is not ransomware.
81:Troj/Eterocks- (Sophos)
2312:Syrian Electronic Army
2022:SingHealth data breach
1785:Singapore cyberattacks
1723:RSA SecurID compromise
1170:Surur (May 13, 2017).
951:. ESET North America.
181:Windows Server 2003 R2
2601:Lazy FP state restore
2385:Kristoffer von Hassel
2038:Sri Lanka cyberattack
1908:Vietnam Airport Hacks
1749:Operation High Roller
1039:technet.microsoft.com
895:The MITRE Corporation
451:Columbia University's
297:in February 2017. On
2547:Silent Bob is Silent
1607:Hacking in the 2010s
1573:Entry in CVE catalog
271:Server Message Block
2481:SS7 vulnerabilities
2017:Atlanta cyberattack
1986:Equifax data breach
1744:Stratfor email leak
1693:Canadian government
1672:Operation ShadowNet
980:The Washington Post
445:having some of its
356:Windows Server 2003
331:Windows Server 2016
327:Windows Server 2012
323:Windows Server 2008
230:On May 12, 2017, a
189:Windows Server 2016
185:Windows Server 2012
177:Windows Server 2003
33:Eternal - Anonymous
2930:Petya and NotPetya
2559:ROCA vulnerability
2322:The Shadow Brokers
2248:Iranian Cyber Army
2174:persistent threats
1974:Petya and NotPetya
1938:2016 Bitfinex hack
1913:DCCC cyber attacks
1872:SWIFT banking hack
1274:The New York Times
837:The New York Times
601:www.virusradar.com
583:www.trendmicro.com
467:MicroBotMassiveNet
422:The New York Times
379:The Shadow Brokers
337:The Shadow Brokers
60:W32.Eternalrocks (
3055:
3054:
3051:
3050:
3043:ZeroAccess botnet
2355:Mustafa Al-Bassam
2122:New World Hackers
2085:associated events
2066:
2065:
1862:VTech data breach
1713:Operation AntiSec
1677:Operation Payback
1636:
1635:
1066:Bleeping Computer
565:www.microsoft.com
547:www.microsoft.com
495:incubation period
447:Tomahawk missiles
415:struggled with a
287:Microsoft Windows
213:Microsoft Windows
194:
193:
124:Technical details
16:(Redirected from
3085:
2659:
2332:Yemen Cyber Army
1656:Operation Aurora
1646:
1615:
1614:
1601:
1594:
1587:
1578:
1546:
1529:
1528:
1526:
1524:
1510:
1504:
1503:
1501:
1499:
1480:
1474:
1473:
1466:
1455:
1454:
1452:
1450:
1435:
1429:
1428:
1426:
1424:
1409:
1403:
1402:
1400:
1398:
1380:
1374:
1373:
1371:
1369:
1354:
1345:
1344:
1338:
1330:
1327:baltimoresun.com
1318:
1312:
1311:
1299:
1293:
1292:
1284:
1278:
1277:
1265:
1259:
1258:
1256:
1254:
1240:
1234:
1233:
1231:
1229:
1215:
1209:
1208:
1206:
1204:
1189:
1183:
1182:
1180:
1178:
1167:
1161:
1160:
1158:
1156:
1138:
1132:
1131:
1129:
1127:
1109:
1103:
1102:
1100:
1098:
1084:
1078:
1077:
1075:
1073:
1056:
1050:
1049:
1047:
1045:
1031:
1025:
1024:
1022:
1020:
998:
992:
991:
989:
987:
971:
965:
964:
962:
960:
945:
939:
938:
936:
934:
913:
907:
906:
904:
902:
881:
875:
874:
872:
870:
856:
850:
849:
847:
845:
827:
821:
820:
818:
816:
794:
785:
784:
782:
780:
775:. April 10, 2017
763:
757:
756:
754:
752:
735:
729:
728:
726:
724:
706:
700:
699:
697:
695:
677:
671:
670:
668:
666:
643:
637:
636:
634:
632:
614:
605:
604:
593:
587:
586:
575:
569:
568:
557:
551:
550:
539:
30:
21:
3093:
3092:
3088:
3087:
3086:
3084:
3083:
3082:
3058:
3057:
3056:
3047:
3001:
2985:
2939:
2883:
2852:
2796:
2775:
2729:
2688:
2648:
2428:
2426:vulnerabilities
2419:
2336:
2229:(confederation)
2192:Charming Kitten
2173:
2166:
2102:Goatse Security
2062:
2026:
2000:
1991:Deloitte breach
1942:
1928:Dyn cyberattack
1876:
1835:
1806:Operation Tovar
1789:
1753:
1727:
1681:
1642:Major incidents
1637:
1608:
1605:
1553:
1540:
1537:
1535:Further reading
1532:
1522:
1520:
1512:
1511:
1507:
1497:
1495:
1494:on June 4, 2017
1482:
1481:
1477:
1468:
1467:
1458:
1448:
1446:
1444:Financial Times
1437:
1436:
1432:
1422:
1420:
1411:
1410:
1406:
1396:
1394:
1382:
1381:
1377:
1367:
1365:
1356:
1355:
1348:
1331:
1320:
1319:
1315:
1301:
1300:
1296:
1286:
1285:
1281:
1267:
1266:
1262:
1252:
1250:
1242:
1241:
1237:
1227:
1225:
1217:
1216:
1212:
1202:
1200:
1191:
1190:
1186:
1176:
1174:
1169:
1168:
1164:
1154:
1152:
1148:Ars Technica UK
1140:
1139:
1135:
1125:
1123:
1111:
1110:
1106:
1096:
1094:
1086:
1085:
1081:
1071:
1069:
1058:
1057:
1053:
1043:
1041:
1033:
1032:
1028:
1018:
1016:
1000:
999:
995:
985:
983:
973:
972:
968:
958:
956:
947:
946:
942:
932:
930:
915:
914:
910:
900:
898:
885:"CVE-2017-0144"
883:
882:
878:
868:
866:
858:
857:
853:
843:
841:
829:
828:
824:
814:
812:
796:
795:
788:
778:
776:
765:
764:
760:
750:
748:
737:
736:
732:
722:
720:
708:
707:
703:
693:
691:
679:
678:
674:
664:
662:
652:Washington Post
645:
644:
640:
630:
628:
616:
615:
608:
595:
594:
590:
577:
576:
572:
559:
558:
554:
541:
540:
536:
532:
524:Petya (malware)
514:
487:
460:
435:
409:
371:EternalChampion
263:
234:in the form of
87:Synergy Variant
74:Mal/Eterocks- (
67:TROJ_ETEROCK. (
28:
23:
22:
15:
12:
11:
5:
3091:
3089:
3081:
3080:
3075:
3070:
3060:
3059:
3053:
3052:
3049:
3048:
3046:
3045:
3040:
3035:
3030:
3025:
3020:
3015:
3009:
3007:
3003:
3002:
3000:
2999:
2993:
2991:
2987:
2986:
2984:
2983:
2978:
2973:
2968:
2963:
2958:
2953:
2947:
2945:
2941:
2940:
2938:
2937:
2932:
2927:
2922:
2917:
2912:
2907:
2902:
2897:
2891:
2889:
2885:
2884:
2882:
2881:
2876:
2871:
2866:
2860:
2858:
2854:
2853:
2851:
2850:
2845:
2840:
2835:
2830:
2825:
2820:
2815:
2813:Black Energy 3
2810:
2804:
2802:
2798:
2797:
2795:
2794:
2789:
2783:
2781:
2777:
2776:
2774:
2773:
2768:
2763:
2758:
2753:
2748:
2743:
2737:
2735:
2731:
2730:
2728:
2727:
2722:
2720:Metulji botnet
2717:
2712:
2707:
2702:
2696:
2694:
2690:
2689:
2687:
2686:
2681:
2676:
2674:Black Energy 2
2671:
2665:
2663:
2656:
2650:
2649:
2647:
2646:
2640:
2634:
2628:
2622:
2616:
2610:
2604:
2598:
2592:
2586:
2580:
2574:
2568:
2562:
2556:
2550:
2544:
2538:
2532:
2529:Broadcom Wi-Fi
2526:
2520:
2514:
2508:
2502:
2496:
2490:
2484:
2478:
2472:
2466:
2460:
2454:
2448:
2442:
2435:
2433:
2421:
2420:
2418:
2417:
2412:
2407:
2402:
2397:
2392:
2390:Junaid Hussain
2387:
2382:
2380:Jeremy Hammond
2377:
2375:Elliott Gunton
2372:
2367:
2362:
2357:
2352:
2346:
2344:
2338:
2337:
2335:
2334:
2329:
2324:
2319:
2314:
2309:
2307:Stealth Falcon
2304:
2299:
2294:
2289:
2284:
2282:PLA Unit 61486
2279:
2277:PLA Unit 61398
2274:
2272:Numbered Panda
2269:
2264:
2250:
2245:
2240:
2235:
2230:
2224:
2219:
2217:Equation Group
2214:
2209:
2204:
2199:
2194:
2189:
2184:
2178:
2176:
2168:
2167:
2165:
2164:
2159:
2154:
2149:
2144:
2139:
2134:
2129:
2124:
2119:
2114:
2109:
2104:
2099:
2094:
2089:
2088:
2087:
2076:
2074:
2068:
2067:
2064:
2063:
2061:
2060:
2055:
2050:
2045:
2040:
2034:
2032:
2028:
2027:
2025:
2024:
2019:
2014:
2008:
2006:
2002:
2001:
1999:
1998:
1993:
1988:
1983:
1982:
1981:
1971:
1966:
1961:
1956:
1950:
1948:
1944:
1943:
1941:
1940:
1935:
1930:
1925:
1920:
1915:
1910:
1905:
1900:
1895:
1890:
1884:
1882:
1878:
1877:
1875:
1874:
1869:
1864:
1859:
1854:
1849:
1843:
1841:
1837:
1836:
1834:
1833:
1828:
1823:
1818:
1813:
1808:
1803:
1797:
1795:
1791:
1790:
1788:
1787:
1782:
1777:
1772:
1767:
1761:
1759:
1755:
1754:
1752:
1751:
1746:
1741:
1735:
1733:
1729:
1728:
1726:
1725:
1720:
1715:
1710:
1708:HBGary Federal
1705:
1700:
1695:
1689:
1687:
1683:
1682:
1680:
1679:
1674:
1669:
1664:
1659:
1652:
1650:
1643:
1639:
1638:
1634:
1633:
1627:
1622:
1613:
1610:
1609:
1606:
1604:
1603:
1596:
1589:
1581:
1575:
1574:
1564:
1559:
1552:
1551:External links
1549:
1548:
1547:
1536:
1533:
1531:
1530:
1505:
1475:
1456:
1430:
1418:Bloomberg News
1404:
1375:
1364:. May 14, 2017
1346:
1313:
1294:
1279:
1260:
1235:
1210:
1184:
1162:
1133:
1104:
1079:
1051:
1026:
993:
966:
940:
908:
876:
851:
822:
786:
758:
730:
701:
672:
638:
606:
588:
570:
552:
533:
531:
528:
527:
526:
521:
513:
510:
486:
483:
459:
456:
434:
433:Responsibility
431:
408:
405:
375:EternalRomance
262:
259:
251:Buckeye (APT3)
221:Shadow Brokers
199:is a computer
192:
191:
130:
126:
125:
121:
120:
118:Equation Group
115:
111:
110:
105:
101:
100:
99:
98:
97:
96:
84:
83:
82:
79:
72:
65:
58:
39:
38:Technical name
35:
34:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
3090:
3079:
3076:
3074:
3071:
3069:
3066:
3065:
3063:
3044:
3041:
3039:
3036:
3034:
3031:
3029:
3026:
3024:
3021:
3019:
3016:
3014:
3011:
3010:
3008:
3004:
2998:
2995:
2994:
2992:
2988:
2982:
2979:
2977:
2974:
2972:
2969:
2967:
2964:
2962:
2959:
2957:
2954:
2952:
2949:
2948:
2946:
2942:
2936:
2933:
2931:
2928:
2926:
2923:
2921:
2918:
2916:
2913:
2911:
2908:
2906:
2903:
2901:
2898:
2896:
2893:
2892:
2890:
2886:
2880:
2877:
2875:
2872:
2870:
2867:
2865:
2862:
2861:
2859:
2855:
2849:
2846:
2844:
2843:Gameover ZeuS
2841:
2839:
2836:
2834:
2831:
2829:
2826:
2824:
2821:
2819:
2816:
2814:
2811:
2809:
2806:
2805:
2803:
2799:
2793:
2790:
2788:
2785:
2784:
2782:
2778:
2772:
2769:
2767:
2764:
2762:
2759:
2757:
2754:
2752:
2749:
2747:
2744:
2742:
2739:
2738:
2736:
2732:
2726:
2723:
2721:
2718:
2716:
2713:
2711:
2708:
2706:
2703:
2701:
2698:
2697:
2695:
2691:
2685:
2682:
2680:
2677:
2675:
2672:
2670:
2667:
2666:
2664:
2660:
2657:
2655:
2651:
2644:
2641:
2638:
2635:
2632:
2629:
2626:
2623:
2620:
2617:
2614:
2611:
2608:
2605:
2602:
2599:
2596:
2593:
2590:
2587:
2584:
2581:
2578:
2575:
2572:
2569:
2566:
2563:
2560:
2557:
2554:
2551:
2548:
2545:
2542:
2539:
2536:
2533:
2530:
2527:
2524:
2521:
2518:
2515:
2512:
2509:
2506:
2503:
2500:
2497:
2494:
2491:
2488:
2485:
2482:
2479:
2476:
2473:
2470:
2467:
2464:
2461:
2458:
2455:
2452:
2449:
2446:
2443:
2440:
2437:
2436:
2434:
2432:
2427:
2422:
2416:
2413:
2411:
2408:
2406:
2403:
2401:
2398:
2396:
2393:
2391:
2388:
2386:
2383:
2381:
2378:
2376:
2373:
2371:
2368:
2366:
2363:
2361:
2358:
2356:
2353:
2351:
2348:
2347:
2345:
2343:
2339:
2333:
2330:
2328:
2325:
2323:
2320:
2318:
2315:
2313:
2310:
2308:
2305:
2303:
2302:Rocket Kitten
2300:
2298:
2295:
2293:
2290:
2288:
2285:
2283:
2280:
2278:
2275:
2273:
2270:
2268:
2265:
2262:
2258:
2254:
2253:Lazarus Group
2251:
2249:
2246:
2244:
2241:
2239:
2236:
2234:
2231:
2228:
2225:
2223:
2220:
2218:
2215:
2213:
2210:
2208:
2205:
2203:
2200:
2198:
2195:
2193:
2190:
2188:
2185:
2183:
2180:
2179:
2177:
2175:
2169:
2163:
2160:
2158:
2155:
2153:
2150:
2148:
2145:
2143:
2140:
2138:
2135:
2133:
2130:
2128:
2125:
2123:
2120:
2118:
2115:
2113:
2110:
2108:
2105:
2103:
2100:
2098:
2095:
2093:
2090:
2086:
2083:
2082:
2081:
2078:
2077:
2075:
2073:
2069:
2059:
2056:
2054:
2051:
2049:
2046:
2044:
2041:
2039:
2036:
2035:
2033:
2029:
2023:
2020:
2018:
2015:
2013:
2010:
2009:
2007:
2003:
1997:
1996:Disqus breach
1994:
1992:
1989:
1987:
1984:
1980:
1977:
1976:
1975:
1972:
1970:
1967:
1965:
1962:
1960:
1957:
1955:
1952:
1951:
1949:
1945:
1939:
1936:
1934:
1931:
1929:
1926:
1924:
1921:
1919:
1916:
1914:
1911:
1909:
1906:
1904:
1901:
1899:
1896:
1894:
1891:
1889:
1886:
1885:
1883:
1879:
1873:
1870:
1868:
1865:
1863:
1860:
1858:
1855:
1853:
1850:
1848:
1845:
1844:
1842:
1838:
1832:
1829:
1827:
1824:
1822:
1819:
1817:
1814:
1812:
1809:
1807:
1804:
1802:
1799:
1798:
1796:
1792:
1786:
1783:
1781:
1778:
1776:
1773:
1771:
1770:Snapchat hack
1768:
1766:
1763:
1762:
1760:
1756:
1750:
1747:
1745:
1742:
1740:
1739:LinkedIn hack
1737:
1736:
1734:
1730:
1724:
1721:
1719:
1716:
1714:
1711:
1709:
1706:
1704:
1701:
1699:
1696:
1694:
1691:
1690:
1688:
1684:
1678:
1675:
1673:
1670:
1668:
1665:
1663:
1660:
1657:
1654:
1653:
1651:
1647:
1644:
1640:
1632: →
1631:
1628:
1626:
1623:
1621:
1618:←
1617:
1616:
1611:
1602:
1597:
1595:
1590:
1588:
1583:
1582:
1579:
1572:
1568:
1565:
1563:
1560:
1558:
1555:
1554:
1550:
1544:
1539:
1538:
1534:
1519:
1515:
1509:
1506:
1493:
1489:
1485:
1479:
1476:
1471:
1465:
1463:
1461:
1457:
1445:
1441:
1434:
1431:
1419:
1415:
1408:
1405:
1392:
1391:
1390:The Telegraph
1386:
1379:
1376:
1363:
1359:
1353:
1351:
1347:
1342:
1336:
1328:
1324:
1317:
1314:
1309:
1305:
1298:
1295:
1291:. Bloomsbury.
1290:
1283:
1280:
1275:
1271:
1264:
1261:
1249:
1245:
1239:
1236:
1224:
1220:
1214:
1211:
1199:
1198:microsoft.com
1195:
1188:
1185:
1173:
1166:
1163:
1150:
1149:
1144:
1137:
1134:
1121:
1120:
1115:
1108:
1105:
1093:
1089:
1083:
1080:
1068:
1067:
1062:
1055:
1052:
1040:
1036:
1030:
1027:
1014:
1010:
1009:
1004:
997:
994:
986:September 25,
982:
981:
976:
970:
967:
954:
950:
944:
941:
928:
924:
923:
922:SecurityFocus
918:
912:
909:
896:
892:
891:
886:
880:
877:
869:September 26,
865:
861:
855:
852:
839:
838:
833:
826:
823:
810:
806:
805:
800:
793:
791:
787:
774:
773:
768:
762:
759:
747:
746:
741:
734:
731:
718:
717:
712:
705:
702:
689:
688:
683:
676:
673:
661:
657:
653:
649:
642:
639:
626:
625:
620:
613:
611:
607:
602:
598:
592:
589:
584:
580:
574:
571:
566:
562:
556:
553:
548:
544:
538:
535:
529:
525:
522:
519:
516:
515:
511:
509:
507:
502:
500:
496:
492:
484:
482:
480:
476:
472:
471:computer worm
468:
464:
457:
455:
452:
448:
444:
443:U.S. military
440:
432:
430:
426:
424:
423:
418:
414:
406:
404:
402:
398:
394:
389:
387:
384:
380:
376:
372:
368:
364:
359:
357:
353:
349:
345:
340:
338:
334:
332:
328:
324:
320:
316:
312:
308:
307:Windows Vista
304:
300:
296:
290:
288:
284:
280:
276:
272:
268:
260:
258:
256:
252:
247:
245:
241:
237:
233:
232:computer worm
228:
226:
222:
218:
214:
210:
209:vulnerability
206:
202:
198:
190:
186:
182:
178:
174:
170:
166:
162:
158:
157:Windows Vista
154:
150:
146:
142:
138:
134:
131:
127:
122:
119:
116:
112:
109:
106:
102:
94:
90:
89:
88:
85:
80:
77:
73:
70:
66:
63:
59:
56:
52:
51:
50:
49:Rocks Variant
47:
46:
44:
40:
36:
31:
19:
2787:CryptoLocker
2541:DoublePulsar
2534:
2360:Cyber Anakin
2350:Ryan Ackroyd
2243:Helix Kitten
2238:Hacking Team
2233:Guccifer 2.0
2107:Lizard Squad
1923:Surkov leaks
1852:Hacking Team
1521:. Retrieved
1517:
1508:
1496:. Retrieved
1492:the original
1487:
1478:
1447:. Retrieved
1443:
1433:
1421:. Retrieved
1417:
1407:
1395:. Retrieved
1388:
1378:
1366:. Retrieved
1361:
1326:
1316:
1308:Ars Technica
1307:
1297:
1288:
1282:
1273:
1263:
1253:February 20,
1251:. Retrieved
1247:
1238:
1226:. Retrieved
1222:
1213:
1201:. Retrieved
1197:
1187:
1175:. Retrieved
1165:
1153:. Retrieved
1146:
1136:
1124:. Retrieved
1117:
1107:
1095:. Retrieved
1082:
1070:. Retrieved
1064:
1054:
1042:. Retrieved
1038:
1029:
1017:. Retrieved
1006:
996:
984:. Retrieved
978:
969:
957:. Retrieved
943:
931:. Retrieved
920:
911:
899:. Retrieved
888:
879:
867:. Retrieved
863:
854:
842:. Retrieved
835:
825:
813:. Retrieved
802:
777:. Retrieved
770:
761:
749:. Retrieved
743:
733:
721:. Retrieved
716:Ars Technica
714:
704:
692:. Retrieved
685:
675:
665:December 19,
663:. Retrieved
651:
641:
629:. Retrieved
624:Ars Technica
622:
600:
591:
582:
573:
564:
555:
546:
537:
503:
488:
466:
463:EternalRocks
462:
461:
458:EternalRocks
436:
427:
420:
410:
390:
383:open sourced
363:Windows 2000
360:
341:
335:
291:
264:
248:
238:, nicknamed
229:
196:
195:
149:Windows 2000
86:
48:
3023:NetTraveler
2961:LogicLocker
2869:Hidden Tear
2766:Red October
2625:Dragonblood
2535:EternalBlue
2499:Stagefright
2365:George Hotz
2342:Individuals
2092:CyberBerkut
1393:. p. 1
1228:February 5,
1192:MSRC Team.
1151:. p. 1
1122:. p. 1
1015:. p. 1
840:. p. 1
719:. p. 1
690:. p. 1
627:. p. 1
506:kill switch
501:" machine.
417:cyberattack
315:Windows 8.1
197:EternalBlue
169:Windows 8.1
69:Trend Micro
18:ETERNALBLUE
3062:Categories
2966:Rensenware
2951:BrickerBot
2879:TeslaCrypt
2669:Bad Rabbit
2619:Foreshadow
2523:Cloudbleed
2475:Row hammer
2457:Shellshock
2451:Heartbleed
2439:Evercookie
2415:The Jester
2297:Red Apollo
2257:BlueNorOff
2227:GOSSIPGIRL
2222:Fancy Bear
2212:Elfin Team
2207:DarkMatter
2202:Dark Basin
2187:Bureau 121
2147:Teamp0ison
2072:Hacktivism
1703:DNSChanger
864:Threatpost
815:August 19,
530:References
475:ransomware
386:Metasploit
348:Windows XP
319:Windows 10
236:ransomware
173:Windows 10
153:Windows XP
145:Windows NT
141:Windows Me
137:Windows 98
133:Windows 95
2997:VPNFilter
2874:Rombertik
2838:FinFisher
2828:DarkHotel
2792:DarkSeoul
2700:Coreflood
2565:BlueBorne
2517:Dirty COW
2431:disclosed
2429:publicly
2267:NSO Group
2197:Cozy Bear
2137:PayPal 14
2080:Anonymous
1954:SHAttered
1698:DigiNotar
1571:2017-0144
1449:March 11,
1423:March 11,
1119:wired.com
1092:Microsoft
1019:April 25,
1013:Vox Media
1008:The Verge
779:April 10,
751:April 10,
660:0190-8286
485:Infection
413:Baltimore
401:BadRabbit
388:modules.
367:RiskSense
352:Windows 8
311:Windows 7
279:2017-0144
267:Microsoft
165:Windows 8
161:Windows 7
55:Microsoft
43:Microsoft
3038:Titanium
2981:XafeCopy
2976:WannaCry
2905:KeRanger
2833:Duqu 2.0
2818:Carbanak
2637:BlueKeep
2613:SigSpoof
2571:Meltdown
2487:WinShock
2469:Rootpipe
2370:Guccifer
2292:Pranknet
2287:PLATINUM
2261:AndAriel
2172:Advanced
2127:NullCrew
2112:LulzRaft
2012:Trustico
1625:Timeline
1397:June 28,
1368:June 28,
1335:cite web
953:Archived
933:June 28,
927:Symantec
901:June 28,
844:June 27,
809:Archived
772:BBC News
512:See also
479:honeypot
397:NotPetya
393:WannaCry
240:WannaCry
225:patching
129:Platform
62:Symantec
2935:X-Agent
2925:Pegasus
2808:Brambul
2771:Shamoon
2715:Kelihos
2705:Alureon
2684:Stuxnet
2654:Malware
2607:TLBleed
2589:Exactis
2577:Spectre
2511:Badlock
2445:iSeeYou
2410:Topiary
2142:RedHack
2132:OurMine
2117:LulzSec
1523:May 30,
1518:Twitter
1498:May 25,
1203:May 13,
1177:May 13,
1155:May 15,
1126:May 13,
1097:May 13,
1072:May 13,
1044:May 13,
959:May 16,
723:May 13,
694:May 13,
631:May 13,
395:, both
303:patches
299:Tuesday
295:patches
281:in the
261:Details
217:network
201:exploit
114:Authors
108:Exploit
3018:Joanap
2971:Triton
2910:Necurs
2900:Jigsaw
2895:Hitler
2864:Dridex
2823:Careto
2746:Dexter
2679:SpyEye
2645:(2019)
2639:(2019)
2633:(2019)
2627:(2019)
2621:(2018)
2615:(2018)
2609:(2018)
2603:(2018)
2597:(2018)
2591:(2018)
2585:(2018)
2579:(2018)
2573:(2018)
2567:(2017)
2561:(2017)
2555:(2017)
2549:(2017)
2543:(2017)
2537:(2017)
2531:(2017)
2525:(2017)
2519:(2016)
2513:(2016)
2507:(2016)
2501:(2015)
2495:(2015)
2493:JASBUG
2489:(2014)
2483:(2014)
2477:(2014)
2471:(2014)
2465:(2014)
2463:POODLE
2459:(2014)
2453:(2014)
2447:(2013)
2441:(2010)
2424:Major
2405:Track2
2327:xDedic
2157:UGNazi
687:Forbes
658:
354:, and
329:, and
255:trojan
76:Sophos
3033:Tinba
2920:Mirai
2848:Regin
2761:Mahdi
2756:Flame
2741:Carna
2725:Stars
2643:Kr00k
2583:EFAIL
2553:KRACK
2505:DROWN
1630:2020s
1620:2000s
1488:Tech2
804:Wired
469:is a
3028:R2D2
3013:Grum
3006:2019
2990:2018
2956:Kirk
2944:2017
2915:MEMZ
2888:2016
2857:2015
2801:2014
2780:2013
2734:2012
2710:Duqu
2693:2011
2662:2010
2400:Sabu
2152:TDO
2097:GNAA
2031:2019
2005:2018
1947:2017
1881:2016
1840:2015
1794:2014
1758:2013
1732:2012
1686:2011
1649:2010
1525:2017
1500:2017
1451:2022
1425:2022
1399:2017
1370:2017
1341:link
1255:2019
1230:2018
1205:2017
1179:2017
1157:2017
1128:2017
1099:2017
1074:2017
1046:2017
1021:2019
988:2017
961:2017
935:2017
903:2017
871:2017
846:2017
817:2019
781:2017
753:2017
725:2017
696:2017
667:2017
656:ISSN
633:2017
499:host
399:and
373:and
104:Type
93:ESET
2751:FBI
2395:MLT
2259:) (
1567:CVE
491:Tor
465:or
439:CIA
365:by
275:CVE
211:in
3064::
1516:.
1486:.
1459:^
1442:.
1416:.
1387:.
1360:.
1349:^
1337:}}
1333:{{
1325:.
1306:.
1272:.
1246:.
1221:.
1196:.
1145:.
1116:.
1090:.
1063:.
1037:.
1011:.
1005:.
977:.
925:.
919:.
893:.
887:.
862:.
834:.
807:.
801:.
789:^
769:.
742:.
713:.
684:.
654:.
650:.
621:.
609:^
599:.
581:.
563:.
545:.
481:.
358:.
350:,
333:.
325:,
321:,
317:,
313:,
309:,
187:,
183:,
179:,
175:,
171:,
167:,
163:,
159:,
155:,
151:,
147:,
143:,
139:,
135:,
45:)
2263:)
2255:(
1600:e
1593:t
1586:v
1569:-
1545:.
1527:.
1502:.
1472:.
1453:.
1427:.
1401:.
1372:.
1343:)
1329:.
1310:.
1276:.
1257:.
1232:.
1207:.
1181:.
1159:.
1130:.
1101:.
1076:.
1048:.
1023:.
990:.
963:.
937:.
905:.
873:.
848:.
819:.
783:.
755:.
727:.
698:.
669:.
635:.
603:.
585:.
567:.
549:.
277:-
95:)
78:)
71:)
64:)
57:)
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.