A group of hackers released a database of spying tools supposedly used by the National Security Agency (NSA). Made public by a collective known as the Shadow Brokers, the collection is said to target vulnerabilities in Windows computers and system.
Experts said these tools might have been utilised in hacking into certain global banking systems, with another fifteen exploits containing Windows hacks that researchers easily duplicated.
Microsoft did announce that the exploits have been patched in earlier updates and cannot be duplicated on some supported systems. Windows users are urged to update their software and upgrade to at least Windows 7 to be safe.
Industry experts believe this leak might be one of the most damaging ones in recent years, saying that it puts a powerful state-level attack tool in the hands of anyone who wishes to use it for their own motives.
The leaked NSA tools are said to target a vast selection of Windows operating systems and servers – including Windows 7 and 8. Researchers were able to duplicate and test the exploits, confirming the tools’ effectiveness in compromising Windows machines.
Shadow Brokers are a group of unidentified hackers that already released NSA hacking tools in 2016. The group returned with a new batch of tools with the intent to sell to other cybercriminals; fortunately, they came up empty-handed.
Experts believe this might be one of the most damaging leaks in recent years – one that puts a powerful tool within the public’s reach.
Their recent releases contained weird and misspelt blogs, with recent posts attacking the Trump administration. The Shadow Brokers also complained how the media did not cover or publicise their activities much.
The Windows hacking tools could ideally be used to propagate surveillance and victimise Windows users. While the common Windows user could be targeted, researchers believe these tools would be aimed at business entities.
“We’ve investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products. Customers with up-to-date software are already protected,” said a Microsoft spokesperson.
Microsoft added that they had not been in contact with anyone from the government since the list of hacking tools were released. The only people to contact Microsoft since the release were from the media.
Researchers also said that the hacking tools could have been used to target the SWIFT financial system – specifically their anti-money laundering arm EastNets – as the leaked documents seemed to have related passwords and other data.
While the US government has had access to the SWIFT systems for a while, researchers said that the NSA might have gone beyond their official access.
SWIFT and EastNets, however, have denied seeing any unauthorised access to their networks.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.