News & Press

Nuspire’s Security Researchers Discover Uptick in Double Pulsar Backdoor Attacks Targeting Mid-Sized Businesses

Managed Security Services Provider (MSSP), Nuspire today released research identifying exploits as the fastest growing threat vector targeting its customer base this year, with more than 38 million detections since January 2019. Of detected exploits,19% identified as Double Pulsar, one of two NSA toolkits leaked in 2017.

“The rise we’ve seen in Double Pulsar exploit attempts correlates with recent findings of toolkit re-engineering,” said Matt Corney, Chief Technology Officer at Nuspire. “At disclosure in 2017, Double Pulsar infected over 200,000 windows machines as part of the WannaCry ransomware attack. While this vector has been in the wild for more than two years, this rise demonstrates attackers’ ingenuity in adapting successful toolkits, and reinforces the importance of real-time threat detection to block pervasive attacks.”

Nuspire’s Quarterly Threat Report correlates more than 90 billion logs across the company’s thousands of global network sensors. Customers include Fortune 100 and mid-sized businesses operating in the manufacturing, healthcare and financial services industries.

“Our data indicates that threat actors continue to favor campaign-based attacks over brute force and one-off attack methods,” said Shawn Pope, Security Analyst at Nuspire. “The data also reinforces that these vectors are targeting an organization’s vulnerabilities, whether they’re large or small.”

Also noted in the report; phishing campaigns remained prevalent as researchers noted a 70% increase in attacks, with the banking trojan Emotet used as the primary payload. Additional report findings include:

  • A 91% increase in activity related to CVE-2017-11882: a vulnerability found in MSOffice and leveraged to deliver a variety of malware payloads.
  • A significant rise in Sora botnet activity.
  • A spike in IoT Mirai variant attacks targeting common router brands including Netgear, Netcore/Netis and D-Link.

About Nuspire

Nuspire is the Managed Security Services (MSS) provider of choice, delivering the greatest risk reduction per cyber-dollar spent. The company’s 24×7 Security Operations Centers (SOCs) and managed detection and response (MDR) service combines award-winning threat detection and response technology with human intervention and analysis, providing end-to-end protection across the gateway, network and endpoint ecosystem. Nuspire pioneered distributed, managed security services within the enterprise and franchise market and today protects thousands of locations globally. For more information, visit https://www.nuspire.com and follow @Nuspire.