DoublePulsar NSA hack silently attacking.

[NZLaurence]

Looks like there is another silent NSA hack called DoublePulsar that allows the taking over of the kernal. The piece is a bit of a fluff but its got some interesting bits. 

 

Quote

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

Quote

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it. He has since threatened to return their products.

 

https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html

[Shreyas1]

Is it a patched exploit ?

[MadModder]

Good grief! Your making me want to reach over and unplug my router.

[2FA]

10 minutes ago, Shreyas1 said:

Is it a patched exploit ?

It is patched but Ben-Oni said it still managed to get through.

[sazrocks]

But... what is it? After reading this I have no idea.

 

Edit: Even after reading the article, I still have no idea.

 

It is a kernel level exploit. That could mean hundreds of different things. Heck I didn't see the article say what OSs it affected.