Cyber criminals are currently actively using the NSA exploits last week by the hacker group Shadow Brokers were made public to provide servers backdoors and possibly spreading ransomware. Let know several security researchers.
Thus Double Pulsar tool found on the various servers. The NSA would use this tool after it has been through an exploit access to a server. In addition, security reports SenseCy that there is currently a "trend" going where the leaked NSA exploits used to infect Windows Servers with ransomware. The attackers were using either a vulnerability in Windows SMB Server make that Microsoft patched in March.
Further details are not given, however, about this ransomware attacks. Earlier researcher Kevin Beaumont predicted that the NSA exploits a ransomware worm would be used. "It's the next logical step yields for worms and criminals, because the money and is easy to do," says the researcher. Beaumont says that if known exploits are currently being used to servers a backdoor provide.