Shadow Brokers publishes new exploits attributed to the NSA for Windows, Office and banking systems
The group of hackers Shadow Brokers reveals new compromised information related to the hacking tools attributed to the American National Security Agency (NSA). This new information has been made public through GitHub. It is a series of tools and exploits that would allow attacking Windows systems as well as banking systems.
This information allows to deduce that the NSA would have spied the SWIFT system of financial messaging, in particular, a section that serves to banks of Middle East.
In addition, one of the tools exposed could also be related to the Stuxnet worm, which affected in 2010 industrial control systems in an Iranian nuclear plant.
For its part, Microsoft has already published in its official blog the patches for the vulnerabilities that affected its products, and also Talos, the Cisco`s security research team, has published the list of SNORT rules that allow to detect the attacks that use the vulnerabilities disseminated by Shadow Brokers.
References:
- 15/08/2016 certsi.es Publicadas herramientas de un grupo de hackers vinculado a la NSA estadounidense
- 14/04/2017 blogs.technet.microsoft.com Protecting customers and evaluating risk
- 14/04/2017 vice.com Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks
- 14/04/2017 github.com The Shadow Brokers "Lost In Translation" leak
- 14/04/2017 vice.com Your Government's Hacking Tools Are Not Safe
- 14/04/2017 threatpost.com ShadowBrokers Expose NSA Access to SWIFT Service Bureaus
- 14/04/2017 mspoweruser.com Shadow Brokers spill new NSA Windows exploits on the net that can offer “God Mode” to hackers
- 14/04/2017 wired.com Major Leak Suggests NSA Was Deep in Middle East Banking System
- 14/04/2017 genbeta.com Los Shadow Brokers ahora han publicado herramientas para hackear Windows y sistemas bancarios
- 15/04/2017 efe.com Filtración pirata sugiere que EEUU espió comunicación bancaria internacional
- 15/04/2017 blog.talosintelligence.com Cisco Coverage for Shadow Brokers 2017-04-14 Information Release
- 19/04/2017 vice.com The New Shadow Brokers Leak Connects the NSA to the Stuxnet Cyber Weapon Used on Iran