NSA's powerful Windows hacking tools leaked online


The saga started Friday after a hacker group known as the Shadow Brokers released tools created to target Windows PCs and servers, along with presentations and files purporting to detail the agency's methods of carrying out clandestine surveillance.

Some of the records released by The Shadow Brokers bear NSA seals, but Reuters could not confirm their authenticity. The NSA is now facing criticism for not sharing details of the exploits with Microsoft once it became clear the tools were in the hands of a hacking group.

While EastNets vehemently denied it was breached just hours after the dump, Microsoft took a more measured approach and said it was reviewing and testing the exploits.

He added that the NSA "completely hacked" EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers.

Microsoft could not be reached for comment by Business Insider but a spokesperson told ZDNet's Zack Whittaker.

Last week, the Shadow Brokers protested Donald Trump's involvement in Syria when they released a password that unlocked a trove of NSA exploits.

The dump was the second from Shadow Brokers this week, but the first that contained major exploits in several months. This would normally mean either that Microsoft somehow found (or purchased) all the vulnerabilities The Shadow Brokers were auctioning off, or perhaps that someone anonymously alerted Microsoft about the bugs.

"They may have been used to target a global banking system."

In a break with tradition, Microsoft did not credit the person who reported the SMB flaw to the company.

Microsoft has today published a response to the new leak, saying its engineers have investigated the disclosed exploits and reassuring Windows users that most of the exploits have already been patched.

The following is a table that shows the name of the exploit and how Microsoft has resolved it.

A group of hackers released on Friday what appears to be the most extensive data dump from the National Security Agency.

Those exploits could have allowed an attacker to compromise affected computers on a range of Windows versions. Hickey demonstrated in a video that one of the exploits in the leak can easily trigger remote code execution on a machine running Windows Server 2008 R2 SP1. Belgium-based SWIFT on Friday downplayed the risk of attacks employing the code released by hackers and said it had no evidence that the main SWIFT network had ever been accessed without authorization.

On Friday, Microsoft also said it was still studying the leak, and it "will take the necessary actions to protect our customers".

The authenticity of Friday's document dump could not immediately be determined, but the group's previous releases have been corroborated by material leaked by former U.S. intelligence contractor Edward Snowden and software patches issued by major U.S. technology firms.
