Hacking group publishes NSA exploits online

15 Apr 2017

A hacking group has dumped a collection of spy tools allegedly used by the National Security Agency, online.

The exploits, published by the Shadow Brokers yesterday, contained vulnerabilities in Windows computers and servers. They might have been used for targeting a global banking system, with one collection of 15 exploits containing at least four Windows hacks that researchers had already been able to replicate.

"This is quite possibly the most damaging thing I've seen in the last several years," said Matthew Hickey, founder of security firm Hacker House. "This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers."

The exploits are aimed at a number of Windows servers and Windows operating systems, including Windows 7 and Windows 8. Hickey, had tested the  exploits in his UK firm's lab and confirmed they "work just as they are described."

The Shadow Brokers, a group of anonymous hackers had published hacking tools used by the NSA last year. The group returned last Saturday and published a batch of NSA exploits it had earlier tried, and failed, to sell. This Friday's release contained more serious exploits.

Along with the tools the group also published presentations and files purporting to detail the agency's methods of carrying out clandestine surveillance.

Several documents showed that the NSA used the Windows hacking tools to target a number of banks, including the SWIFT banking system.

The dump of Windows exploits, that was likely to cause the most damage and embarrassment to the intelligence agency had been expected since the hacking group first emerged on the scene last year.
 
It may be recalled that last year, hacking tools that were confirmed to belong to the NSA's so-called Equation Group were stolen in one of the biggest breaches of classified files since the Edward Snowden revelations.