DoublePulsar Explained

Learn about DoublePulsar with recommended actions and helpful resources

DoublePulsar is an implant leaked by the ShadowBrokers group earlier this year that enables the execution of additional malicious code. It's commonly delivered by the EternalBlue exploit, and is most famous from its recent use to deploy the Wanna Decryptor 2.0 (WannaCry) ransomware. Even with industry leading AV, IDS, and VM solutions, DoublePulsar attacks have been proven difficult to prevent and detect. 

But have no fear. Rapid7’s security solutions are uniquely able to detect and prevent the use of the DoublePulsar implant. Metasploit Pro can quickly identify vulnerable systems, InsightIDR can detect suspicious windows service payloads like DoublePulsar, and InsightVM can help you identify which systems are vulnerable to exploits like EternalBlue, as well as create a remediation plan to get them fixed quickly.

Below, get a free trial of Metasploit Pro to see quickly if your systems are vulnerable. We've also compiled a number of resources to help you take immediate action to prepare for and defend against DoublePulsar.

Are you infected with DoublePulsar?

Find out with a
free Metasploit Pro trial

Download Now

DoublePulsar Resources

We know this is a lot to take in. If you have specific questions or would like further assistance, we're here to help. Please contact us at +1–866–7RAPID7 (Toll Free) or +1–617–247–1717. Get international contact information here.  

Looking to simulate an attack on your network?