NSA's powerful Windows hacking tools leaked online

Previous releases by the Shadow Brokers have contained tools and exploits that analysts have stated were years old and for which many companies had issued patches and updates. "TheShadowBrokers rather being getting drunk with McAfee on desert island with hot babes", the group wrote, in an apparent reference to eccentric anti-virus mogul John McAfee. This may well be the most damaging dump against the NSA to date, and it is without question the most damaging post-Snowden release.

"Maybe if all surviving WWIII, theshadowbrokers be seeing you next week", the group wrote on Friday.

ETERNALROMANCE - Remote privilege escalation (SYSTEM) exploit (Windows XP to Windows 2008 over TCP port 445).

Among the exploits revealed were tools that can reportedly be used to hack into computers using Microsoft Windows, leading to fears that millions of users could be vulnerable to malicious hackers. "Who knows what we having next time?"

Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities.

"This is a nation-state toolkit available for anyone who wants to download it - anyone with a little bit of technical knowledge can download this and hack servers in two minutes", Hickey said.

A large database of hacking tools and security exploits used by the US National Security Agency (NSA) has reportedly leaked online, described by experts as one of the most significant breaches since the Edward Snowden revelations.

EMPHASISMINE, a remote IMAP exploit for later versions of Lotus Domino.

ETERNALSYNERGY - Windows 8 and Windows Server 2012. As a result, the security consultants they spoke with generally agree that Windows 10 is safe from these tools.

For example, the Eternalblue exploit leverages the Server Message Block and NetBT protocols to hijack the system. These exploits are particularly troublesome because, by definition, they have not been patched. Additionally, the release included previously unknown tools, including an exploitation framework identified as "FUZZBUNCH".

SWIFT, based in Belgium, released a less categorical statement, saying, "we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties". The swift folder contains PowerPoint slides suggesting that the Middle East network used by the Society for Worldwide Interbank Financial Telecommunication (SWIFT) for financial transactions was targeted by the NSA, according to a blog post by Microsoft Most Valuable Professional Matt Suiche.

In a tweet, EastNets claimed there was no credibility to claims their machines were compromised.

"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded", a spokesperson said.

TechCrunch reported the data dump keyed on exploits centered around the SWIFT Alliance Access.

In a statement on its website EastNets rejected the allegations.