EternalBlue Exploit Spreading Gh0st RAT, Nitol Posted on June 3, 2017 by Simon Steed FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT.