One of the NSA hacking tools released in the Shadow Brokers leak earlier this month is already being used by hacking groups to infect almost a quarter of a million computers, the Swiss security company Binary Edge reports.

Called Doublepulsar, this malicious implant is a malware downloader used as an intermediary for downloading more potent malware files on infected host computers.