NSA's powerful Windows hacking tools leaked online

Previous releases by the Shadow Brokers have contained tools and exploits that analysts have stated were years old and for which many companies had issued patches and updates. "TheShadowBrokers rather being getting drunk with McAfee on desert island with hot babes", an apparent reference to eccentric anti-virus mogul John McAfee. This may well be the most damaging dump against the NSA to date, and it is without question the most damaging post-Snowden release.

"Maybe if all surviving WWIII, theshadowbrokers be seeing you next week", the group wrote on Friday.

ETERNALROMANCE - Remote privilege escalation (SYSTEM) exploit (Windows XP to Windows 2008 over TCP port 445).

Among the exploits revealed were tools that can reportedly be used to hack into computers using Microsoft Windows, leading to fears that millions of users could be vulnerable to malicious hackers. "Who knows what we having next time?"

Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities.

"This is a nation-state toolkit available for anyone who wants to download it - anyone with a little bit of technical knowledge can download this and hack servers in two minutes", Hickey said.

A large database of hacking tools and security exploits used by the US National Security Agency (NSA) has reportedly leaked online, described by experts as one of the most significant breaches since the Edward Snowden revelations.

EMPHASISMINE, a remote IMAP exploit for later versions of Lotus Domino.

ETERNALSYNERGY - Windows 8 and Windows Server 2012. As a result, the security consultants they spoke with generally agree that Windows 10 is safe from these tools.

For example, the ETERNALBLUE exploit leverages the Server Message Block (SMB) and NetBT protocols to hijack the system. These exploits are particularly troublesome because, by definition, they have not been patched. Additionally, the release included previously unknown tools, including an exploitation framework identified as "FUZZBUNCH".

SWIFT, based in Belgium, released a less categorical statement, saying, "we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties". The swift folder contains PowerPoint slides suggesting that the Middle East network used by the Society for Worldwide Interbank Financial Telecommunication (SWIFT) for financial transactions was targeted by the NSA, according to a blog post by Microsoft Most Valuable Professional Matt Suiche.

In a tweet, EastNets claimed there was no credibility to claims their machines were compromised.

"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded", a spokesperson said.

TechCrunch reported the data dump keyed on exploits centered around the SWIFT Alliance Access.

In a statement on its website EastNets rejected the allegations.