Stealth Backdoor Abused NSA Exploit Before WannaCrypt

The malware appears to have been distributed from an IP (182.18.23.38) located in China.

Read full news article on SecurityWeek