DOUBLEPULSAR, one of the NSA hacking tools leaked last Friday by the Shadow Brokers, has been used in the wild by ordinary hackers, who infected over 36,000 computers across the world. The tools are designed to take advantage of vulnerabilities in the SMB (Server Message Block) protocol, which provides file sharing capabilities between Windows computers. Experts expect more unpatched computers to fall victims to DOUBLOULSAR. Below0Day has performed an Internet-wide scan for Windows computers with open SMB ports (port 445)
Source: https://www.bleepingcomputer.com/news/security/over-36-000-computers-infected-with-nsas-doublepulsar-malware/