Be Careful What You Click
Those leaked NSA TAO tools have been in the wild for a few weeks now.....and now we have this.
"According to CrowdStrike's vice president of intelligence Adam Meyers, the initial spread of WannaCry is coming through spam, in which fake invoices, job offers and other lures are being sent out to random email addresses. Within the emails is a .zip file, and once clicked that initiates the WannaCry infection.
But the most concerning aspect of WannaCry is its use of the worm-like EternalBlue exploit. "This is a weapon of mass destruction, a WMD of ransomware. Once it gets into an unpatched PC it spreads like wildfire," he told Forbes. "It's going through financials, energy companies, healthcare. It's widespread."
Given the malware is scanning the entire internet for vulnerable machines, and as many as 150,000 were deemed open to the Windows vulnerability as of earlier this month, WannaCry ransomware explosion is only expected to get worse over the weekend."
Read the whole piece here WannaCry exploit
The WannaCry malware currently is wreaking havoc with the UK healthcare system.
This attack uses the leaked Eternalblue malware from NSA and is a nasty one. Yet another reason to move away from Windows and into a Linux based distro (preferably a hardened one).