This modification consists of malware that exploits the vulnerability in an algorithm of the SMB protocol that is implemented in Windows operating systems. The malware is more commonly known as EternalBlue. If the attack succeeds, the intruder can execute his code in the name of the “system” user.
Geographical distribution of attacks by Exploit.Python.Agent.w modification
|Country||Percentage of users*|
|3||Iran, Islamic Republic of||16.44|
* Percentage of all unique Kaspersky users worldwide who have been attacked by this malware