Leaked SMB exploits make malware powerful, warns Cylance


Exploits of Microsoft’s server message block (SMB) protocol have been an “unmitigated success” for malware writers, according to researchers at security firm Cylance.

In April 2017, the Shadow Brokers hacking group leaked an arsenal of tools it claimed to have stolen from the US National Security Agency (NSA).

The first of these tools to gain prominence was EternalBlue, an SMB protocol exploit that was a key component of the WannaCry global ransomware attacks in May 2017.