Windows Takeover On A Global Scale

With the shadowbrokers release of NSA tools last month came something very scary for most Windows users. A file named Eternalblue was included, which was a remote SMBv2 exploit (CVE-2017-0143) that could be used for RCE. This exploit has been used in the now infamous “WannaCry” ransomware that has been sweeping the globe in a massive cyber attack.

On May 12, a security researcher by the name of ‘MalwareTech’ found a unregistered domain within the code, that happened to be its killswitch. With the shutdown of WannaCry many were excited, but it hasn’t ended yet. A new version has been seen spreading around even after friday.