Categories: NewsSecurity

A Security Researcher Created a Tool to Test for NSA’s DoublePulsar Malware

Recently, the Shadow Brokers hacking group revealed a number of hacking tools that are believed to have been developed and used by the U.S. National Security Agency (NSA). Among these was the DoublePulsar ‘implant’, which is essentially a malware downloader that serves as an intermediary for potent malware to reach infected computers. A security researcher has now created a tool that will allow you to know if your computer is infected or not.

Thousands of infected devices discovered

Luke Jennings, a security researcher at Countercept, wrote a script in response to the high-profile cyberweapon leak. The script, which requires some programming knowledge to use, can be downloaded on GitHub

. It allows users to know whether they are infected with DoublePulsar.

Several security researchers decided to use Jennings’ script to find computers that have been hit by the NSA’s malware downloader. Results varied widely, as some have shown roughly 10,000 infected machines, while others managed to get to as much as 100,000.

Numbers may vary widely because of DoublePulsar’s design. The malware is designed not to persist on a user’s device in order to avoid detection, making its lifespan relatively short. According to some, a simple reboot may be enough to get rid of DoublePulsar. However, it won’t help with the malware associated with it.

Microsoft, which has released patches that fix the flaws the NSA’s tool took advantage of, has called the script’s accuracy into question, issuing a statement to Ars Technica that read:

“We doubt the accuracy of the reports and are investigating”

Related Post

Researchers are still working on DoublePulsar, as it will take time to determine how many machines are actually infected. Whether the script is accurate or not, users should still take preventive measures. Since DoublePulsar was leaked, security researchers are now worried that malicious hackers may start using the tool to download malware onto unsuspecting victims. According to PCWorld

, machines running outdated versions of Windows are particularly vulnerable.

Infected computers throughout the world

According to tweets published by penetration test company Below0Day, the United States are the most affected country with 11,000 compromised computers. Other countries, including Germany and the United Kingdom, have over 1,500. It isn’t clear when the machines were infected.

Jennings has said that his script was created to help businesses identify DoublePulsar within their networks, not to scan the whole internet in search of infected machines. Dan Tentler, founder of security shop Phobos Group, has tested Jennings’ script by manually checking 50 flagged computers. All 50 were, indeed, infected.

As such, security researchers believe users should install all available patches as soon as possible in order to fix the problem. Older operating systems, such as Windows XP and Windows Server 2003 are at risk, as these are no longer being supported. Running antivirus might also help keep malware away.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Francisco Memoria

Francisco is a cryptocurrency enthusiast who's lucky enough to be able to write about his passion.

Share
Published by
Francisco Memoria
Tags: NSANSA Leak

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

7 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

8 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

8 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

9 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

12 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

13 hours ago