Kaspersky says it detected infections with DarkPulsar, alleged NSA malware

Kaspersky Lab said that it has detected computers infected with DarkPulsar, a malware implant that has been allegedly developed by the US National Security Agency (NSA). “All victims were located in Russia, Iran, and Egypt, and typically Windows 2003/2008 Server was infected,” the company said. “Targets were related to nuclear energy, telecommunications, IT, aerospace, and R&D.”

Kaspersky researchers were able to analyze DarkPulsar because it was one one of the many hacking tools that were dumped online in the spring of 2017. The hacking tools were leaked by a group of hackers known as the Shadow Brokers, who claimed they stole them from the Equation Group, a codename given by the cyber-security industry to a group that’s universally believed to be the NSA.

Read more about the recent detections of DarkPulsar malware on ZDNet.