Another global ransomware outbreak was powered with a leaked, fully operational NSA hacking tool that had been released by The Shadow Brokers, according to researchers with cybersecurity firms Cisco Talos, IB Group and Symantec. The latest international ransomware incident occurred on Tuesday and primarily affected computers in Ukraine and Russia. Analysts studying malware samples connected to this event, dubbed “BadRabbit,” found Thursday that the carefully prepared attack contained an exploit known as “EternalRomance.” Update: Talos has identified an eternal romance component and more! https://t.co/H4BAi4wRhE — Craig Williams (@security_craig) October 26, 2017 Some researchers say the BadRabbit operation had been planned for months, dating back perhaps to as far as Feb. 2017, according to FireEye, or July 2017, based on digital evidence found by Kaspersky Lab. It appears the attackers behind #Badrabbit have been busy setting up their infection network on hacked sites since at least July 2017. pic.twitter.com/fV5U1FeVtR — Costin Raiu […]
The post Leaked NSA tools were once again used in a global ransomware attack appeared first on Cyberscoop.
Continue reading Leaked NSA tools were once again used in a global ransomware attack→