Researchers from security firm Binary Edge found DoublePulsar on more than 107,000 computers in one internet scan. Errata Security CEO Rob Graham and researchers from Below0day also performed separate scans, which led to the discovery of some 41,000 and 30,000 infected machines, respectively. DoublePulsar remains stealthy by not writing files to the target computers in order to avoid persisting following a reboot. Some find it hard to believe the figures as the NSA is known for aborting a mission if it is on the verge of being detected. Security experts believe, however, that other hackers have downloaded the DoublePulsar binary released by Shadow Brokers and used it to infect Windows computers. Fortunately, Windows 10 users are safe from the infection. Still, the best internet security practice is to avoid content that comes from suspicious sources. A – Visit https://doublepulsar.binaryedge.io/ to check for free if it says “infected”: false an implant has not been detected on your ip address. If it says “infected”: true an implant was detected in one of our scans. If you need more information or would like to do mass testing across your organization please contact us on [email protected] we work with companies around the world that use us to monitor their perimeters. Q – Does this mean the NSA infected 106,410 machines? A – Probably not, this has been released for a while, the implant is beautifully designed and could have been used by other actors. Q – Is your number right? A – Multiple professionals have checked the detection script and agree it is well written and working well. We merely do the scanning and show the data of responses to that script. Q – Should I panic? A – Like any other infosec subject, panic doesn’t help. Talk with the person responsible for security at your organizations.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
