EternalBlue

lore

securityhacking

The NSA-developed SMB exploit leaked in 2017 that powered WannaCry and NotPetya.

Developed inside the NSA and leaked by the Shadow Brokers in April 2017, EternalBlue weaponized a flaw in SMBv1 that Microsoft had patched a month earlier as MS17-010; within weeks it was driving WannaCry, and soon after, NotPetya. It became the reference case in the debate over governments stockpiling vulnerabilities instead of disclosing them. The exploit's afterlife on unpatched networks lasted years beyond the headlines.

All glossary entries