Tool to remotely remove the NSA backdoor
Shadow Brokers leaked the NSA backdoor DoublePulsar is widely disseminated, and security company scanning found that at least tens of thousands of Windows computers were infected with DoublePulsar. The software giant issued a statement last week to doubt the number, and then it no longer responded.
Security company Countercept released this week a new version of the DoublePulsar detection script
, allowing anyone to remotely remove
detected doublePulsar on infected computers. Researcher Kevin Beaumont said that the detection tool sends a series of SMB information to query the networked computer, by modifying the two bytes of the query, the person performing the scan can remotely remove the infection.