'Not A Drill': Panic As NSA's Windows Hacking Tools Leaked [Updated]

Chris Menahan
InformationLiberation
Apr. 14, 2017

"This is not a drill," notorious NSA whistleblower Edward Snowden says.

Malware used by the NSA to hack into Microsoft Windows systems was reportedly leaked just hours ago, meaning anyone who gets the software will have the virtual "keys to the kingdom" and can hack into practically any computer running Windows they want.

UPDATE: Microsoft says they patched the vulnerability in March for all their actively supported Windows products.







Windows 10 is allegedly safe:


The NSA allegedly knew the leaks were coming but did nothing:



The Intercept got video of one of the hacks in question:



From The Intercept:
The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.

The leak includes a litany of typically codenamed software "implants" with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking into -- and in some cases seizing control of -- computers running version of the Windows operating system earlier than the most recent Windows 10. The vulnerable Windows versions ran more than 65 percent of desktop computers surfing the web last month, according to estimates from the tracking firm Net Market Share.

The crown jewel of the implant collection appears to be a program named FUZZBUNCH, which essentially automates the deployment of NSA malware, and would allow a member of agency's Tailored Access Operations group to more easily infect a target from their desk.

According to security researcher and hacker Matthew Hickey, co-founder of Hacker House, the significance of what's now publicly available, including "zero day" attacks on previously undisclosed vulnerabilities, cannot be overstated: "I don't think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life," he told The Intercept via Twitter DM, "and I have been involved in computer hacking and security for 20 years." Affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches.

"This is as big as it gets," Hickey said. "Nation-state attack tools are now in the hands of anyone who cares to download them…it's literally a cyberweapon for hacking into computers…people will be using these attacks for years to come."
Windows said they're reviewing the hack:
A Microsoft spokesperson told The Intercept "We are reviewing the report and will take the necessary actions to protect our customers." We asked Microsoft if the NSA at any point offered to provide information that would help protect Windows users from these attacks, given that the leak has been threatened since August 2016, to which they replied "our focus at this time is reviewing the current report." Asked again, the spokesperson replied that Microsoft has "nothing further to share."
Last week the same Shadow Brokers released the password to a collection of NSA hacking tools to protest President Trump for "abandoning his base."


Follow InformationLiberation on Twitter and Facebook.













All original InformationLiberation articles CC 4.0



About Us - Disclaimer - Privacy Policy