1938:
377:
288:
786:
806:
234:
332:
317:
142:
189:
498:
472:
302:
1420:
958:
52:
776:
766:
720:
1354:
1979:
535:
890:
2003:
1304:
771:
270:
157:, which grants cybercriminals a high level of control over the computer system. Once installed, it uses three commands:
1438:
921:
699:
465:
430:
249:
405:
2008:
1444:
970:
931:
566:
1504:
1450:
1025:
916:
745:
1498:
852:
689:
591:
1901:
911:
684:
653:
791:
704:
503:
493:
458:
1665:
1055:
842:
781:
740:
638:
1402:
145:, first dissected and inspected DoublePulsar. He said that the NSA exploits are "10 times worse" than the
1160:
895:
658:
995:
213:
1972:
1849:
1190:
1045:
837:
730:
674:
199:
135:
127:
596:
1330:
1299:
926:
158:
885:
1998:
1468:
1035:
953:
859:
832:
112:
138:. A variant of DoublePulsar was first seen in the wild in March 2016, as discovered by Symantec.
1624:
1288:
761:
694:
540:
194:
2013:
1185:
847:
827:
1965:
1686:
1639:
1547:
1474:
1258:
622:
869:
725:
1283:
648:
108:
352:
8:
1773:
801:
617:
150:
1130:
1911:
1906:
1803:
1432:
1195:
1121:
811:
612:
166:
162:
120:
1953:
1134:
643:
289:"Wana Decrypt0r Ransomware Using NSA Exploit Leaked by Shadow Brokers Is on a Rampage"
1916:
1798:
1768:
1372:
1228:
586:
550:
378:"Stolen NSA hacking tools were used in the wild 14 months before Shadow Brokers leak"
124:
1844:
1696:
1619:
1268:
1205:
1080:
529:
1542:
318:"Today's Massive Ransomware Attack Was Mostly Preventable; Here's How To Avoid It"
235:"DoublePulsar malware spreading rapidly in the wild following Shadow Brokers dump"
1854:
1829:
1793:
1721:
1634:
1629:
1273:
1065:
975:
679:
1949:
1593:
1588:
1278:
1263:
1253:
1248:
1180:
1155:
1150:
1145:
1090:
864:
545:
116:
96:
66:
20:
735:
1992:
1716:
1175:
1126:
1660:
1614:
1378:
1233:
1223:
1116:
1111:
1106:
980:
796:
1896:
1886:
1834:
1742:
1598:
1408:
1238:
1100:
965:
154:
131:
1839:
1824:
1752:
1492:
1396:
1348:
1324:
1312:
1170:
1095:
1085:
1075:
1060:
1020:
945:
576:
450:
303:">10,000 Windows computers may be infected by advanced NSA backdoor"
146:
1870:
1747:
1711:
1701:
1573:
1390:
1140:
1070:
1010:
571:
45:
1778:
1706:
1691:
1510:
1486:
1360:
1342:
1243:
1165:
1000:
985:
1945:
1808:
1681:
1644:
1578:
1557:
1527:
1480:
1462:
1384:
1318:
1015:
1005:
990:
170:
1937:
1891:
1783:
1737:
1552:
1366:
1336:
1215:
1200:
1030:
581:
337:
1516:
1456:
1426:
406:"DoublePulsar Initial SMB Backdoor Ring 0 Shellcode Analysis"
333:"How One Simple Trick Just Put Out That Huge Ransomware Fire"
1788:
1583:
73:
767:
431:"NSA's DoublePulsar Kernel Exploit In Use Internet-Wide"
353:"Player 3 Has Entered the Game: Say Hello to 'WannaCry'"
123:in early 2017. The tool infected more than 200,000
149:security bug, and use DoublePulsar as the primary
19:For the only known double pulsar star system, see
1990:
141:Sean Dillon, senior analyst of security company
807:Russian interference in the 2016 U.S. elections
400:
398:
214:"Win32/Equation.DarkPulsar.A | ESET Virusradar"
1973:
466:
395:
250:"Double Pulsar NSA leaked hacks in the wild"
229:
227:
130:in only a few weeks, and was used alongside
777:Democratic National Committee cyber attacks
277:. 4 May 2017 – via www.bloomberg.com.
1980:
1966:
721:Office of Personnel Management data breach
473:
459:
169:, the latter of which can be used to load
224:
480:
330:
271:"Seriously, Beware the 'Shadow Brokers'"
265:
263:
315:
1991:
454:
260:
1932:
247:
772:Commission on Elections data breach
111:implant tool developed by the U.S.
13:
14:
2025:
932:Jeff Bezos phone hacking incident
1936:
1505:Microarchitectural Data Sampling
741:Ukrainian Power Grid Cyberattack
649:Cyberterrorism attack of June 25
853:2017 Ukraine ransomware attacks
690:2014 JPMorgan Chase data breach
423:
370:
345:
685:2014 celebrity nude photo leak
324:
309:
295:
281:
241:
206:
182:
1:
922:Bulgarian revenue agency hack
700:Russian hacker password theft
316:Cameron, Dell (13 May 2017).
176:
1952:. You can help Knowledge by
1056:Bangladesh Black Hat Hackers
532:(publication of 2009 events)
7:
917:Baltimore ransomware attack
72:Win32/Equation.DarkPulsar (
44:Trojan:Win32/DoublePulsar (
10:
2030:
2004:Computer security exploits
1931:
1191:Tailored Access Operations
838:WannaCry ransomware attack
731:Ashley Madison data breach
675:Anthem medical data breach
592:PlayStation network outage
357:blog.talosintelligence.com
136:WannaCry ransomware attack
18:
1879:
1863:
1817:
1761:
1730:
1674:
1653:
1607:
1566:
1535:
1526:
1297:
1214:
1044:
944:
927:WhatsApp snooping scandal
904:
878:
820:
792:Indian Bank data breaches
754:
713:
667:
631:
605:
559:
522:
515:
486:
92:
84:
33:
28:
2009:National Security Agency
1469:Speculative Store Bypass
1036:Ukrainian Cyber Alliance
833:2017 Macron e-mail leaks
113:National Security Agency
88:Pulsar (backdoor family)
843:Westminster data breach
762:Bangladesh Bank robbery
705:2014 Yahoo! data breach
695:2014 Sony Pictures hack
654:2013 Yahoo! data breach
639:South Korea cyberattack
541:Operation Olympic Games
536:Australian cyberattacks
410:zerosum0x0.blogspot.com
153:. DoublePulsar runs in
51:Backdoor.DoublePulsar (
1948:-related article is a
1186:Syrian Electronic Army
896:SingHealth data breach
659:Singapore cyberattacks
597:RSA SecurID compromise
331:Fox-Brewster, Thomas.
1475:Lazy FP state restore
1259:Kristoffer von Hassel
912:Sri Lanka cyberattack
782:Vietnam Airport Hacks
623:Operation High Roller
16:Backdoor implant tool
1421:Silent Bob is Silent
481:Hacking in the 2010s
1355:SS7 vulnerabilities
891:Atlanta cyberattack
860:Equifax data breach
618:Stratfor email leak
567:Canadian government
546:Operation ShadowNet
190:"Trojan.Darkpulsar"
119:that was leaked by
65:Trojan.Darkpulsar (
1804:Petya and NotPetya
1433:ROCA vulnerability
1196:The Shadow Brokers
1122:Iranian Cyber Army
1048:persistent threats
848:Petya and NotPetya
812:2016 Bitfinex hack
787:DCCC cyber attacks
746:SWIFT banking hack
218:www.virusradar.com
202:on 3 October 2019.
121:The Shadow Brokers
1961:
1960:
1929:
1928:
1925:
1924:
1917:ZeroAccess botnet
1229:Mustafa Al-Bassam
996:New World Hackers
959:associated events
940:
939:
736:VTech data breach
587:Operation AntiSec
551:Operation Payback
510:
509:
248:Sterling, Bruce.
173:onto the system.
125:Microsoft Windows
102:
101:
2021:
1982:
1975:
1968:
1940:
1933:
1533:
1532:
1206:Yemen Cyber Army
530:Operation Aurora
520:
519:
489:
488:
475:
468:
461:
452:
451:
446:
445:
443:
442:
427:
421:
420:
418:
417:
402:
393:
392:
390:
389:
374:
368:
367:
365:
364:
349:
343:
342:
328:
322:
321:
313:
307:
306:
305:. 21 April 2017.
299:
293:
292:
285:
279:
278:
267:
258:
257:
245:
239:
238:
237:. 25 April 2017.
231:
222:
221:
210:
204:
203:
198:. Archived from
186:
134:in the May 2017
26:
25:
2029:
2028:
2024:
2023:
2022:
2020:
2019:
2018:
1999:Windows trojans
1989:
1988:
1987:
1986:
1930:
1921:
1875:
1859:
1813:
1757:
1726:
1670:
1649:
1603:
1562:
1522:
1302:
1300:vulnerabilities
1293:
1210:
1103:(confederation)
1066:Charming Kitten
1047:
1040:
976:Goatse Security
936:
900:
874:
865:Deloitte breach
816:
802:Dyn cyberattack
750:
709:
680:Operation Tovar
663:
627:
601:
555:
516:Major incidents
511:
482:
479:
449:
440:
438:
437:. 24 April 2017
429:
428:
424:
415:
413:
412:. 21 April 2017
404:
403:
396:
387:
385:
382:arstechnica.com
376:
375:
371:
362:
360:
351:
350:
346:
329:
325:
314:
310:
301:
300:
296:
287:
286:
282:
269:
268:
261:
246:
242:
233:
232:
225:
212:
211:
207:
188:
187:
183:
179:
24:
17:
12:
11:
5:
2027:
2017:
2016:
2011:
2006:
2001:
1985:
1984:
1977:
1970:
1962:
1959:
1958:
1941:
1927:
1926:
1923:
1922:
1920:
1919:
1914:
1909:
1904:
1899:
1894:
1889:
1883:
1881:
1877:
1876:
1874:
1873:
1867:
1865:
1861:
1860:
1858:
1857:
1852:
1847:
1842:
1837:
1832:
1827:
1821:
1819:
1815:
1814:
1812:
1811:
1806:
1801:
1796:
1791:
1786:
1781:
1776:
1771:
1765:
1763:
1759:
1758:
1756:
1755:
1750:
1745:
1740:
1734:
1732:
1728:
1727:
1725:
1724:
1719:
1714:
1709:
1704:
1699:
1694:
1689:
1687:Black Energy 3
1684:
1678:
1676:
1672:
1671:
1669:
1668:
1663:
1657:
1655:
1651:
1650:
1648:
1647:
1642:
1637:
1632:
1627:
1622:
1617:
1611:
1609:
1605:
1604:
1602:
1601:
1596:
1594:Metulji botnet
1591:
1586:
1581:
1576:
1570:
1568:
1564:
1563:
1561:
1560:
1555:
1550:
1548:Black Energy 2
1545:
1539:
1537:
1530:
1524:
1523:
1521:
1520:
1514:
1508:
1502:
1496:
1490:
1484:
1478:
1472:
1466:
1460:
1454:
1448:
1442:
1436:
1430:
1424:
1418:
1412:
1406:
1403:Broadcom Wi-Fi
1400:
1394:
1388:
1382:
1376:
1370:
1364:
1358:
1352:
1346:
1340:
1334:
1328:
1322:
1316:
1309:
1307:
1295:
1294:
1292:
1291:
1286:
1281:
1276:
1271:
1266:
1264:Junaid Hussain
1261:
1256:
1254:Jeremy Hammond
1251:
1249:Elliott Gunton
1246:
1241:
1236:
1231:
1226:
1220:
1218:
1212:
1211:
1209:
1208:
1203:
1198:
1193:
1188:
1183:
1181:Stealth Falcon
1178:
1173:
1168:
1163:
1158:
1156:PLA Unit 61486
1153:
1151:PLA Unit 61398
1148:
1146:Numbered Panda
1143:
1138:
1124:
1119:
1114:
1109:
1104:
1098:
1093:
1091:Equation Group
1088:
1083:
1078:
1073:
1068:
1063:
1058:
1052:
1050:
1042:
1041:
1039:
1038:
1033:
1028:
1023:
1018:
1013:
1008:
1003:
998:
993:
988:
983:
978:
973:
968:
963:
962:
961:
950:
948:
942:
941:
938:
937:
935:
934:
929:
924:
919:
914:
908:
906:
902:
901:
899:
898:
893:
888:
882:
880:
876:
875:
873:
872:
867:
862:
857:
856:
855:
845:
840:
835:
830:
824:
822:
818:
817:
815:
814:
809:
804:
799:
794:
789:
784:
779:
774:
769:
764:
758:
756:
752:
751:
749:
748:
743:
738:
733:
728:
723:
717:
715:
711:
710:
708:
707:
702:
697:
692:
687:
682:
677:
671:
669:
665:
664:
662:
661:
656:
651:
646:
641:
635:
633:
629:
628:
626:
625:
620:
615:
609:
607:
603:
602:
600:
599:
594:
589:
584:
582:HBGary Federal
579:
574:
569:
563:
561:
557:
556:
554:
553:
548:
543:
538:
533:
526:
524:
517:
513:
512:
508:
507:
501:
496:
487:
484:
483:
478:
477:
470:
463:
455:
448:
447:
435:threatpost.com
422:
394:
369:
344:
323:
308:
294:
280:
259:
240:
223:
205:
180:
178:
175:
143:RiskSense Inc.
117:Equation Group
100:
99:
97:Equation Group
94:
90:
89:
86:
82:
81:
80:
79:
78:
77:
70:
58:
57:
56:
49:
40:Double Variant
35:
34:Technical name
31:
30:
21:PSR J0737-3039
15:
9:
6:
4:
3:
2:
2026:
2015:
2014:Malware stubs
2012:
2010:
2007:
2005:
2002:
2000:
1997:
1996:
1994:
1983:
1978:
1976:
1971:
1969:
1964:
1963:
1957:
1955:
1951:
1947:
1942:
1939:
1935:
1934:
1918:
1915:
1913:
1910:
1908:
1905:
1903:
1900:
1898:
1895:
1893:
1890:
1888:
1885:
1884:
1882:
1878:
1872:
1869:
1868:
1866:
1862:
1856:
1853:
1851:
1848:
1846:
1843:
1841:
1838:
1836:
1833:
1831:
1828:
1826:
1823:
1822:
1820:
1816:
1810:
1807:
1805:
1802:
1800:
1797:
1795:
1792:
1790:
1787:
1785:
1782:
1780:
1777:
1775:
1772:
1770:
1767:
1766:
1764:
1760:
1754:
1751:
1749:
1746:
1744:
1741:
1739:
1736:
1735:
1733:
1729:
1723:
1720:
1718:
1717:Gameover ZeuS
1715:
1713:
1710:
1708:
1705:
1703:
1700:
1698:
1695:
1693:
1690:
1688:
1685:
1683:
1680:
1679:
1677:
1673:
1667:
1664:
1662:
1659:
1658:
1656:
1652:
1646:
1643:
1641:
1638:
1636:
1633:
1631:
1628:
1626:
1623:
1621:
1618:
1616:
1613:
1612:
1610:
1606:
1600:
1597:
1595:
1592:
1590:
1587:
1585:
1582:
1580:
1577:
1575:
1572:
1571:
1569:
1565:
1559:
1556:
1554:
1551:
1549:
1546:
1544:
1541:
1540:
1538:
1534:
1531:
1529:
1525:
1518:
1515:
1512:
1509:
1506:
1503:
1500:
1497:
1494:
1491:
1488:
1485:
1482:
1479:
1476:
1473:
1470:
1467:
1464:
1461:
1458:
1455:
1452:
1449:
1446:
1443:
1440:
1437:
1434:
1431:
1428:
1425:
1422:
1419:
1416:
1413:
1410:
1407:
1404:
1401:
1398:
1395:
1392:
1389:
1386:
1383:
1380:
1377:
1374:
1371:
1368:
1365:
1362:
1359:
1356:
1353:
1350:
1347:
1344:
1341:
1338:
1335:
1332:
1329:
1326:
1323:
1320:
1317:
1314:
1311:
1310:
1308:
1306:
1301:
1296:
1290:
1287:
1285:
1282:
1280:
1277:
1275:
1272:
1270:
1267:
1265:
1262:
1260:
1257:
1255:
1252:
1250:
1247:
1245:
1242:
1240:
1237:
1235:
1232:
1230:
1227:
1225:
1222:
1221:
1219:
1217:
1213:
1207:
1204:
1202:
1199:
1197:
1194:
1192:
1189:
1187:
1184:
1182:
1179:
1177:
1176:Rocket Kitten
1174:
1172:
1169:
1167:
1164:
1162:
1159:
1157:
1154:
1152:
1149:
1147:
1144:
1142:
1139:
1136:
1132:
1128:
1127:Lazarus Group
1125:
1123:
1120:
1118:
1115:
1113:
1110:
1108:
1105:
1102:
1099:
1097:
1094:
1092:
1089:
1087:
1084:
1082:
1079:
1077:
1074:
1072:
1069:
1067:
1064:
1062:
1059:
1057:
1054:
1053:
1051:
1049:
1043:
1037:
1034:
1032:
1029:
1027:
1024:
1022:
1019:
1017:
1014:
1012:
1009:
1007:
1004:
1002:
999:
997:
994:
992:
989:
987:
984:
982:
979:
977:
974:
972:
969:
967:
964:
960:
957:
956:
955:
952:
951:
949:
947:
943:
933:
930:
928:
925:
923:
920:
918:
915:
913:
910:
909:
907:
903:
897:
894:
892:
889:
887:
884:
883:
881:
877:
871:
870:Disqus breach
868:
866:
863:
861:
858:
854:
851:
850:
849:
846:
844:
841:
839:
836:
834:
831:
829:
826:
825:
823:
819:
813:
810:
808:
805:
803:
800:
798:
795:
793:
790:
788:
785:
783:
780:
778:
775:
773:
770:
768:
765:
763:
760:
759:
757:
753:
747:
744:
742:
739:
737:
734:
732:
729:
727:
724:
722:
719:
718:
716:
712:
706:
703:
701:
698:
696:
693:
691:
688:
686:
683:
681:
678:
676:
673:
672:
670:
666:
660:
657:
655:
652:
650:
647:
645:
644:Snapchat hack
642:
640:
637:
636:
634:
630:
624:
621:
619:
616:
614:
613:LinkedIn hack
611:
610:
608:
604:
598:
595:
593:
590:
588:
585:
583:
580:
578:
575:
573:
570:
568:
565:
564:
562:
558:
552:
549:
547:
544:
542:
539:
537:
534:
531:
528:
527:
525:
521:
518:
514:
506: →
505:
502:
500:
497:
495:
492:←
491:
490:
485:
476:
471:
469:
464:
462:
457:
456:
453:
436:
432:
426:
411:
407:
401:
399:
383:
379:
373:
359:. 12 May 2017
358:
354:
348:
340:
339:
334:
327:
319:
312:
304:
298:
290:
284:
276:
272:
266:
264:
255:
251:
244:
236:
230:
228:
219:
215:
209:
201:
197:
196:
191:
185:
181:
174:
172:
168:
164:
160:
156:
152:
148:
144:
139:
137:
133:
129:
126:
122:
118:
114:
110:
106:
98:
95:
91:
87:
83:
75:
71:
68:
64:
63:
62:
59:
54:
50:
47:
43:
42:
41:
38:
37:
36:
32:
27:
22:
1954:expanding it
1943:
1661:CryptoLocker
1415:DoublePulsar
1414:
1234:Cyber Anakin
1224:Ryan Ackroyd
1117:Helix Kitten
1112:Hacking Team
1107:Guccifer 2.0
981:Lizard Squad
797:Surkov leaks
726:Hacking Team
439:. Retrieved
434:
425:
414:. Retrieved
409:
386:. Retrieved
384:. 7 May 2019
381:
372:
361:. Retrieved
356:
347:
336:
326:
311:
297:
283:
274:
253:
243:
217:
208:
200:the original
193:
184:
140:
105:DoublePulsar
104:
103:
61:Dark Variant
60:
39:
29:DoublePulsar
1897:NetTraveler
1835:LogicLocker
1743:Hidden Tear
1640:Red October
1499:Dragonblood
1409:EternalBlue
1373:Stagefright
1239:George Hotz
1216:Individuals
966:CyberBerkut
155:kernel mode
132:EternalBlue
1993:Categories
1840:Rensenware
1825:BrickerBot
1753:TeslaCrypt
1543:Bad Rabbit
1493:Foreshadow
1397:Cloudbleed
1349:Row hammer
1331:Shellshock
1325:Heartbleed
1313:Evercookie
1289:The Jester
1171:Red Apollo
1131:BlueNorOff
1101:GOSSIPGIRL
1096:Fancy Bear
1086:Elfin Team
1081:DarkMatter
1076:Dark Basin
1061:Bureau 121
1021:Teamp0ison
946:Hacktivism
577:DNSChanger
441:2017-05-16
416:2017-05-16
388:2019-05-07
363:2017-05-15
177:References
147:Heartbleed
53:Fortiguard
1871:VPNFilter
1748:Rombertik
1712:FinFisher
1702:DarkHotel
1666:DarkSeoul
1574:Coreflood
1439:BlueBorne
1391:Dirty COW
1305:disclosed
1303:publicly
1141:NSO Group
1071:Cozy Bear
1011:PayPal 14
954:Anonymous
828:SHAttered
572:DigiNotar
275:Bloomberg
128:computers
115:'s (NSA)
46:Microsoft
1912:Titanium
1855:XafeCopy
1850:WannaCry
1779:KeRanger
1707:Duqu 2.0
1692:Carbanak
1511:BlueKeep
1487:SigSpoof
1445:Meltdown
1361:WinShock
1343:Rootpipe
1244:Guccifer
1166:Pranknet
1161:PLATINUM
1135:AndAriel
1046:Advanced
1001:NullCrew
986:LulzRaft
886:Trustico
499:Timeline
195:Symantec
109:backdoor
67:Symantec
1946:malware
1809:X-Agent
1799:Pegasus
1682:Brambul
1645:Shamoon
1589:Kelihos
1579:Alureon
1558:Stuxnet
1528:Malware
1481:TLBleed
1463:Exactis
1451:Spectre
1385:Badlock
1319:iSeeYou
1284:Topiary
1016:RedHack
1006:OurMine
991:LulzSec
171:malware
151:payload
93:Authors
1892:Joanap
1845:Triton
1784:Necurs
1774:Jigsaw
1769:Hitler
1738:Dridex
1697:Careto
1620:Dexter
1553:SpyEye
1519:(2019)
1513:(2019)
1507:(2019)
1501:(2019)
1495:(2018)
1489:(2018)
1483:(2018)
1477:(2018)
1471:(2018)
1465:(2018)
1459:(2018)
1453:(2018)
1447:(2018)
1441:(2017)
1435:(2017)
1429:(2017)
1423:(2017)
1417:(2017)
1411:(2017)
1405:(2017)
1399:(2017)
1393:(2016)
1387:(2016)
1381:(2016)
1375:(2015)
1369:(2015)
1367:JASBUG
1363:(2014)
1357:(2014)
1351:(2014)
1345:(2014)
1339:(2014)
1337:POODLE
1333:(2014)
1327:(2014)
1321:(2013)
1315:(2010)
1298:Major
1279:Track2
1201:xDedic
1031:UGNazi
338:Forbes
165:, and
85:Family
1944:This
1907:Tinba
1794:Mirai
1722:Regin
1635:Mahdi
1630:Flame
1615:Carna
1599:Stars
1517:Kr00k
1457:EFAIL
1427:KRACK
1379:DROWN
504:2020s
494:2000s
254:Wired
107:is a
1950:stub
1902:R2D2
1887:Grum
1880:2019
1864:2018
1830:Kirk
1818:2017
1789:MEMZ
1762:2016
1731:2015
1675:2014
1654:2013
1608:2012
1584:Duqu
1567:2011
1536:2010
1274:Sabu
1026:TDO
971:GNAA
905:2019
879:2018
821:2017
755:2016
714:2015
668:2014
632:2013
606:2012
560:2011
523:2010
167:exec
163:kill
159:ping
74:ESET
1625:FBI
1269:MLT
1133:) (
1995::
433:.
408:.
397:^
380:.
355:.
335:.
273:.
262:^
252:.
226:^
216:.
192:.
161:,
1981:e
1974:t
1967:v
1956:.
1137:)
1129:(
474:e
467:t
460:v
444:.
419:.
391:.
366:.
341:.
320:.
291:.
256:.
220:.
76:)
69:)
55:)
48:)
23:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.