NSA Malware Jeopardizes the Safety of Windows Users

"It would give them a greater scope and access for reviewing and, indeed, trying to manipulate any of those financial records", the expert said.

Another exploit, dubbed EmeraldThread, is a remote Windows SMB exploit for Windows XP and 2003. That arsenal was reportedly part of what NSA analysts use to break into computers, networks and other systems to do their spy work. In fact, the company itself has already announced today that its security experts have analyzed these leaks and zero-day attacks, confirming that a lot of them have already been patched. Windows users should make sure their software is up to date and upgrade to Windows 7 or a newer version. Matthew Hickey, the founder of security firm Hacker House, stated that this is one of the most harmful things he has witnessed during the last few years.

On Friday, the Shadow Brokers released a number of what it said were NSA exploits for many versions of Windows and also details of what were said to be NSA intrusions into the SWIFT banking system. Hickey was able to test out exploits in his United Kingdom firm's lab and confirmed they "work just as they are described".

The "Shadow Brokers" is a group of anonymous hackers, believed to be tied to the Russian government, that published hacking tools used by the NSA last year.

When hacking group "Shadow Brokers" started leaking NSA-discovered exploits, many people were understandably anxious.

Coverage for the exploits and tools disclosed by the Shadow Brokers is available through Cisco's security products, services, and open source technologies. That release was the latest in a series of disclosures by the group in recent months.

Hickey said the Windows exploits leaked on Friday could be used to conduct espionage and target critical data in Windows-based environments. Another hacking tool known as Eternalromance contains an easy-to-use interface and "slick" code. A spokesperson for the NSA did not return a call Friday.

One theory among security practitioners is that the NSA itself reported the vulnerabilities to Microsoft, knowing that the tools would be dumped publicly.

"We encourage customers to ensure their computers are up-to-date", Misner said.

The document purports to show the infrastructure behind the system, along with another document, which shows that the NSA has deep access to some networks by exploiting VPN and firewall systems.

In the case of the NSA, the latest data dump from the Shadow Brokers suggests the NSA's motive was to surveil banking activity in the Middle East, not steal money, but any breach of security of the global messaging system could have significant consequences.

On Friday, Microsoft also said it was still studying the leak, and it "will take the necessary actions to protect our customers".
