Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads
released on 2017-06-02 @ 02:37:21 PM
The “EternalBlue” exploit (MS017-010) was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block (SMB) protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT.