ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol, was leaked by the Shadow Brokers in mid-April. The tool’s notoriety comes from its successful usage as part of the WannaCry ransomware’s self-spreading mechanism. The exploit has been added as a module to the Metasploit framework, used by security researchers to test their computers for vulnerabilities. FireEye published a report today, revealing it found it used with a version of the Gh0st RAT in Singapore and together with the Nitol backdoor trojan across the South Asia region.
Source: https://www.bleepingcomputer.com/news/security/eternalblue-nsa-exploit-becomes-commodity-hacking-tool-spreads-to-other-malware/