A tool developed by the US National Security Agency (NSA) that exploits a flaw in Windows is behind the ongoing ransomware attack on the city of Baltimore, according to reports.
It’s called EternalBlue and according to The New York Times, it’s been used to shut down Baltimore’s government, locking employees out of email accounts and residents out of essential online services since 7 May.
Confusingly, EternalBlue exploits a vulnerability also called EternalBlue, which is a flaw in certain versions of Microsoft’s Windows XP and Vista systems, allowing hackers to execute remote commands on their target. The EternalBlue tool was developed by the NSA in the early part of this decade and was in use for more than five years, according to the Washington Post, until it was stolen from the agency in April 2017 by the hacking group The ShadowBrokers, which promptly leaked it online. .