After the first shock from WannaCry ransomware, one of the worst malware ever released, security researchers continue to analyze it. As we have seen so far, some different samples of ransomware have been detected by 400.
Security researchers from Trustlook today announced that 386 has been recorded so far with different samples of WannaCry malware.
As you already know from previous publications, the WannaCry uses two tools hacking tools of the NSA leaked by Shadow Brokers hacking team. EternalBlue is a tool that exploits a Windows vulnerability while DoublePulsar helps worm transmission over networks.
The vulnerability in Windows is said to have been fixed by Microsoft, which was needed to stop the attack as it is believed that the initial WannaCry infections were believed not to come from a phishing campaign, but rather from attackers who scanned for open ports.
As mentioned in a previous publication, Microsoft released another update for Windows XP.
But although many of us thought that those infected by malicious software were using XP, a bit later the data showed that most of the devices that fell victim to WannaCry were running Windows 7.
The WannaCry was just the beginning, with its 386 samples. A new worm discovered by researchers, and called EternalRocks, uses seven NSA hacking tools, while WannaCry uses only two. So far, EternalRocks has not been armed with a ransomware, trojan, etc. but this can be done at any time.