The identity of Shadow Brokers is unknown though many security experts believe the group that surfaced in 2016 is linked to the Russian government. The victims have been advised not to pay the $300 ransom requested by the hackers, who've threatened to wipe PCs of those who don't pay up in a given timeframe.
Avast said the majority of the attacks targeted Russia, Ukraine and Taiwan.
"Some analysts are suggesting by sinkholing the domain we stopped the infection?"
A worldwide WannaCry (also known as WannaCrypt) ransomware attack that wreaked havoc in United Kingdom hospitals and Russian telecom networks, could resurface today as workers return to the office, experts have warned.
The country is least prepared to tackle the ransomware virus "WannaCry" because of the low level of awareness about malicious software, a senior official looking after West Bengal's IT security said.
VTB did not comment on whether it was attacked but said its systems and of those of its VTB24 retail banking business were operating normally.
Nations need to see the attack as a wake-up call, said Smith.
"It's one of those things, in a ideal world, if people were up to date on the patches, this wouldn't be a problem", O'Leary said.
Ransomware has become the biggest threat to organisations and governments trying to protect critical infrastructure.
Microsoft added that it had released a security update in March that could fight the ransomware, and that the affected computers had not been updated.
Urging businesses and computer users to keep their systems current and updated, Smith says the WannaCry attack shows the importance of collective action to fight cyber crime.
WannaCry has already caused massive disruption around the globe. Among the organizations hit were FedEx in the United States, the Spanish telecom giant Telefónica, the French automaker Renault, Nissan's UK auto plant, universities in China, Germany's Deutsche Bahn federal railway system. The NHS said in a statement on Saturday that there was no evidence that patient information had been compromised.
"This event should serve as a global wakeup call - the means of delivery and the delivered effect is unprecedented", Rich Barger, Director of Cyber Research at Splunk, said.
In Spain, major companies including telecommunications firm Telefonica have been infected.
"There's some truth to the idea that people are always going to hack themselves", said Dan Wire, a spokesman for security firm FireEye.
Cyber security experts say the spread of the virus dubbed WannaCry - "ransomware" which locked up computers in auto factories, hospitals, shops and schools in several countries - has slowed, but that any respite might be brief.
As technical support website Bleeping Computer explains, it involves downloading some programs to clean your computer of the infection.
After the WannaCry cyberattack hit computer systems worldwide, Microsoft says governments should report software vulnerabilities instead of collecting them. Here's how to turn automatic updates on.
The researchers said, however, the tools are not ideal and only work if the infected computers have not been rebooted after being hit by the program. The DoublePulsar portion of the code then installs a backdoor into affected computer systems, allowing for remote control of the personal computers.