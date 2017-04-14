Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


NSA-Leaking Shadow Brokers Just Dumped Its Most Damaging Release Yet (arstechnica.com) 35

Posted by BeauHD
An anonymous reader quotes a report from Ars Technica: The Shadow Brokers -- the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency's weaponized software exploits -- just published its most significant release yet. Friday's dump contains potent exploits and hacking tools that target most versions of Microsoft Windows and evidence of sophisticated hacks on the SWIFT banking system of several banks across the world. Friday's release -- which came as much of the computing world was planning a long weekend to observe the Easter holiday -- contains close to 300 megabytes of materials the leakers said were stolen from the NSA. The contents (a convenient overview is here) included compiled binaries for exploits that targeted vulnerabilities in a long line of Windows operating systems, including Windows 8 and Windows 2012. It also included a framework dubbed Fuzzbunch, a tool that resembles the Metasploit hacking framework that loads the binaries into targeted networks. Independent security experts who reviewed the contents said it was without question the most damaging Shadow Brokers release to date. One of the Windows zero-days flagged by Hickey is dubbed Eternalblue. It exploits a remote code-execution bug in the latest version of Windows 2008 R2 using the server message block and NetBT protocols. Another hacking tool known as Eternalromance contains an easy-to-use interface and "slick" code. Hickey said it exploits Windows systems over TCP ports 445 and 139. The exact cause of the bug is still being identified. Friday's release contains several tools with the word "eternal" in their name that exploit previously unknown flaws in Windows desktops and servers.



  • I use Windows 10. The safest OS every made. Unbreakable.

  • Thanks, NSA (Score:1)

    by Anonymous Coward

    The Shadow Brokers advertised the names of these exploits in January. The NSA had 3 months to warn Microsoft. But nope. Enjoy the 0day shitstorm that's about to drop.

  • The public at large is bound to care. (Score:1)

    by Anonymous Coward

    Eventually, right?

  • Wow, this code is really old. Almost 10 years old. You can tell by the excessive use of XML.

  • Advance notice? (Score:3)

    by jodido ( 1052890 ) on Friday April 14, 2017 @05:58PM (#54236897)
    Anybody else wonder if Microsoft is cooperating with the NSA? Seems like there are a lot of security issues and I wonder why MS hasn't seemed to be able to find them and why the NSA has.

  • bugs or backdoors? (Score:1)

    by Anonymous Coward

    I wonder how many of this "unknown bugs" used by "slick code" where put there on purpose in windows and how much is actual bugs.

    • I wonder how many of this "unknown bugs" used by "slick code" where put there on purpose in windows and how much is actual bugs.

      If you talk to people who have seen the older parts of Windows source, you start to become less conspiratorial. Much of the code was written when these machines were only networked if the company had a Novell network (yeah, yeah, both of you who ran LANMan can pipe down) and security wasn't even on the RADAR. Modern programmers at Microsoft are either disgusted or terrified by it

  • I'm glad I use Linux and not have to worry about these exploits and zero day attacks.

    • I'm glad I use Linux and not have to worry about these exploits and zero day attacks.

      Hey, the NSA probably has more people working on breaking linux than we have working on building it. Be ready to apply updates when SB drops that tranche. Practice defense-in-depth.

    • Re: (Score:1)

      by ozduo ( 2043408 )
      Are you taking the piss? Or are you just naive?

