Wannamine cryptominer that uses EternalBlue still active


Research by Amit Serper

A few days ago the Nocturnus team investigated a new outbreak of Wannamine. Wannamine is an attack based on the EternalBlue exploits that were leaked from the NSA last year. You probably remember those exploits since they were used in last year’s WannaCry and NotPetya attacks.

Article Link: https://www.cybereason.com/blog/wannamine-cryptominer-eternalblue-wannacry