The Shadow Brokers, the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency's weaponized software exploits, just published its most significant release yet. These appear to have been stolen sometime in 2013 and were 0-days at the time, targeting Windows 8 and Windows Server 2013.
Cris Thomas (aka Space Rogue), strategist at Tenable Network Security, told IBTimes UK, "There appears to be at least several dozen exploits, including zero-day vulnerabilities in this release".
"TheShadowBrokers rather being getting drunk with McAfee on desert island with hot babes".
"Maybe if all surviving WWIII, theshadowbrokers be seeing you next week", Friday's post read. At the time, it seemed the auction was more publicity stunt than money-making endeavor and that suspicion was confirmed last week, when they released the password for the auction tools for free.
The problem, even if you run Windows 10, is that everybody from the corner store to your credit-card processor may not be.
Hickey provided The Intercept with a video of FUZZBUNCH being used to compromise a virtual computer running Windows Server 2008; an industry survey from 2016 cited this operating system as the most widely used of its kind.
According to Matthew Hickey, founder of UK-based Hacker House, who analysed the Shadow Brokers' latest dump, there are over 20 distinct exploits. The dump also included a framework dubbed Fuzzbunch, a tool resembling the Metasploit hacking framework that loads the binaries into targeted networks.
ERRATICGOPHER, an SMB exploit targeting Windows XP and Server 2003.
It's not known how many of the exploits, if any, are unknown to the manufacturer.
Reuters reports that SWIFT also claims there's no evidence its network has been accessed. According to the files, two NSA programs known as JEEPFLEA_POWDER and JEEPFLEA_MARKET exist to specifically compromise SWIFT bureaus and services.
Friday morning, the Shadow Brokers published documents that, if legitimate, show just how thoroughly U.S. intelligence has compromised elements of the global banking system.
The data appears to originate in September 2013 and details how operatives could penetrate the firewalls and monitor the transactions of the largest SWIFT Service Bureau in the Middle East, called EastNets.
EastNets had denied being hacked, telling WIRED there is "no credibility to the online claim of a compromise of EastNets customer information on its SWIFT service bureau". Despite manufacturers racing to mend their products, hackers have been found trying to take advantage of the hacking techniques from that first release of source code. Besides specific data concerning specific servers, the archive also includes reusable tools to extract the information from Oracle databases such as a list of database users and SWIFT message queries.
The new leaks renew the group's call for monetary compensation.