Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA-Leaking Shadow Brokers Just Dumped Its Most Damaging Release Yet (arstechnica.com)

Posted by BeauHD on from the shrouded-in-secrecy dept.

An anonymous reader quotes a report from Ars Technica: The Shadow Brokers -- the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency's weaponized software exploits -- just published its most significant release yet. Friday's dump contains potent exploits and hacking tools that target most versions of Microsoft Windows and evidence of sophisticated hacks on the SWIFT banking system of several banks across the world. Friday's release -- which came as much of the computing world was planning a long weekend to observe the Easter holiday -- contains close to 300 megabytes of materials the leakers said were stolen from the NSA. The contents (a convenient overview is here) included compiled binaries for exploits that targeted vulnerabilities in a long line of Windows operating systems, including Windows 8 and Windows 2012. It also included a framework dubbed Fuzzbunch, a tool that resembles the Metasploit hacking framework that loads the binaries into targeted networks. Independent security experts who reviewed the contents said it was without question the most damaging Shadow Brokers release to date. One of the Windows zero-days flagged by Hickey is dubbed Eternalblue. It exploits a remote code-execution bug in the latest version of Windows 2008 R2 using the server message block and NetBT protocols. Another hacking tool known as Eternalromance contains an easy-to-use interface and "slick" code. Hickey said it exploits Windows systems over TCP ports 445 and 139. The exact cause of the bug is still being identified. Friday's release contains several tools with the word "eternal" in their name that exploit previously unknown flaws in Windows desktops and servers.

3 of 111 comments (clear)

  1. Need to order a drone strike against these traitor by Anonymous Coward · · Score: 1, Insightful

    The NSA has done nothing wrong. It's their duty to protect the United States by spying on threats to national security. Whoever is leaking this information needs to be on the receiving end of a drone strike.

  2. Re:Need to order a drone strike against these trai by CaptainDork · · Score: 3, Insightful

    It's their duty to protect their own goddam security and all Americans.

    Given that they know millions of Americans are at risk from exploits they have not reported to the vendors, by your logic, the NSA is a traitor organization and qualifies for a drone strike.

    --
    It little behooves the best of us to comment on the rest of us.
  3. Advance notice? by jodido · · Score: 5, Insightful

    Anybody else wonder if Microsoft is cooperating with the NSA? Seems like there are a lot of security issues and I wonder why MS hasn't seemed to be able to find them and why the NSA has.