At least one person is leveraging seven leaked NSA hacking tools for a new EternalRocks network worm. Malwarebytes believes WannaCry did not spread by a malicious spam email campaign but by a scanning operation that searched for vulnerable public-facing SMB ports. At least three different actors were leveraging the NSA EternalBlue exploit to infect, install backdoors and exfiltrate user credentials in networks around the world, including the U.S. The attack leaves no trace by spawning threads inside legitimate apps.”]
Source: https://www.csoonline.com/article/3197673/eternalrocks-network-worm-uses-7-nsa-hacking-tools.html