It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
A massive cyber-attack using tools believed to have been developed by the US National Security Agency has struck organisations around the world. Computers in thousands of locations have been locked by a programme that demands $300 (£230) in Bitcoin. In April hackers known as The Shadow Brokers claimed to have stolen the tools and released them online. Microsoft released a patch for the vulnerability in March, but many systems may not have been updated. How big is the attack? There have been reports of infections in 99 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan. Cyber-security firm Avast said it had seen 75,000 cases of the ransomware - known as WannaCry and variants of that name - around the world. "This is huge," said Jakub Kroustek at Avast.
Microsoft released a patch for the vulnerability in March, but many systems may not have been updated.
Some experts say the attack may be have been built to exploit a weakness in Microsoft systems that was identified by the NSA and given the name EternalBlue. The NSA tools were then stolen by a group of hackers known as The Shadow Brokers, who then attempted to sell the encrypted cache in an online auction. However they subsequently made the tools freely available, releasing a password for the encryption on 8 April.
The hackers said they had published the password as a "protest" about US President Donald Trump. At the time, some cyber-security experts said some of the malware was real, but old. A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed. Microsoft said on Friday its engineers had added detection and protection against WnaCryt. The company was providing assistance to customers, it added. How does the malware work? Some security researchers have pointed out that the infections seem to be deployed via a worm - a program that spreads by itself between computers. Unlike many other malicious programs, this one has the ability to move around a network by itself. Most others rely on humans to spread by tricking them into clicking on an attachment harbouring the attack code. By contrast, once WanCry is inside an organisation it will hunt down vulnerable machines and infect them too. This perhaps explains why its impact is so public - because large numbers of machines at each victim organisation are being compromised.
originally posted by: heineken
i still don't know why they want to blame the NSA when such tools are so easily obtained from the underground..of course for a price..there are thousands of variants
originally posted by: ZIPMATT
a reply to: ArMaP
So the nsa got microsoft to build in a hole which allows remote access and control , which was put in all chips for all computers made from 2010 in secret , and now the nsa has been hacked and stolen from , allowing remote access through the hole they put there together , to presumably anyone with hacking knowledge because the tools were available (dumped) on line , in a an apparent protest about trump by a group called the shadow brokers .
lol out loud ! its a proper story already , its nothing to do with me , except my good old dad is hospital right now , that's no so amusable
And..... where's the Americans ? Isn't this thread veeery quiet ?
Jakub Kroustek of the security firm Avast said in a blog post update around 2000 GMT, "We are now seeing more than 75,000 detections... in 99 countries."
Kaspersky researcher Costin Raiu cited 45,000 attacks in 74 countries, saying that the malware, a self-replicating "worm," was spreading quickly.
originally posted by: heineken
One can follow the money coming in which I assume will increase in the coming hours getting closer to zero time
here are some link of the wallets used by the attacking party
These wallets so far generated += 8.676 thus 1,719.25 US Dollar