Hacking tools were stolen from NSA - Almost all Windows affected

  1. AndreTen's Avatar
    Posts : 15,170
    Windows 10 (Pro and Insider Pro)
       14 Apr 2017 #1

    Hacking tools were stolen from NSA - Almost all Windows affected


    A hacker group has posted online a set of tools for hacking Windows operating systems. Most of them were designed for older Windows versions up to 8.1, but some of them can also be used for gaining access to Windows 10.

    The tools were stolen from the NSA last summer, but now they have been posted online and are available to almost anybody.

    No way to remain protected
    Security experts warn that with the hacking tools now available online, the number of attacks aimed at Windows systems is very likely to skyrocket during the weekend, especially because newbie hackers have more time to launch their attacks, while at the same time being able to find victims easily because users spend more time online on their days off.
    Edward Snowden has also confirmed the leak, explaining that “this is not a drill, NSA exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft.”
    As for ways to remain protected until Microsoft delivers patches, there’s really no hackerproof solution right now, other than running Windows 10, though there’s evidence that this operating system version can be hijacked as well. Security experts recommend keeping critical systems offline for a few days, at least until after the weekend, but it’s very clear this isn’t the most convenient solution right now.
    We’ve contacted Microsoft to ask for more information on this leak and we’ll update the article when an answer is offered.
    UPDATE: Microsoft has provided us with the following statement: "We are reviewing the report and will take the necessary actions to protect our customers."


    Read more on Softpedia: nsa-s-windows-hacking-tools-leaked-millions-of-users-exposed

    Update: WinBeta (onMSFT) reports that some vulnerabilities are fixed and provides links to security fixes on the MS site.

    Update 2: Here is a link to the MS Blog article with security fixes

    Last edited by AndreTen; 15 Apr 2017 at 06:07.

  2.    14 Apr 2017 #2

    Thanks for posting this. Great, just great. My "workload" just increased exponentially by Domegemegrottebytes.


  3. Posts : 53
    Windows 10 Pro 15063.332
       14 Apr 2017 #3

    and who did the nsa steal the hacking tools from in the first place?


  4. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       14 Apr 2017 #4

    Thanks for posting that, Andre.

  5.    14 Apr 2017 #5

    ChaChaLaBoom said:
    and who did the nsa steal the hacking tools from in the first place?
    The NSA develop them.

  6.    14 Apr 2017 #6

    This is crazy.

    Leaked NSA Malware Threatens Windows Users Around the World

    “I don’t think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life,” ... “and I have been involved in computer hacking and security for 20 years.”
    “This is as big as it gets,” ... “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”



  7. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       14 Apr 2017 #7

    simrick said:
    This is crazy.
    It's beyond crazy. It's absolutely ludicrous. Wonder if MS is doing anything about this.

  8.    14 Apr 2017 #8

    HippsieGypsie said:
    It's beyond crazy. It's absolutely ludicrous. Wonder if MS is doing anything about this.
    Well, nothing has been done by MS since last August, when this stuff was stolen.

  9.    14 Apr 2017 #9

    Shadow Brokers Release New Files Revealing Windows Exploits, SWIFT Attacks

    Summary
    EASYBEE appears to be an MDaemon email server vulnerability [source, source, source]
    EASYPI is an IBM Lotus Notes exploit [source, source] that gets detected as Stuxnet [source]
    EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 to 7.0.2 [source, source]
    EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor [source, source]
    ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges [source, source]
    EDUCATEDSCHOLAR is a SMB exploit [source, source]
    EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 [source, source]
    EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino [source, source]
    ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client's side to send an email to other users [source, source]
    ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003 [source, source]
    ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 [source, source, source]
    ETERNALBLUE is a SMBv2 exploit [source] that also works on Windows 10, even if it wasn't designed to [source]
    ETERNALCHAMPION is a SMBv1 exploit [source]
    ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers [source, source]
    ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003 [source, source]
    ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later [source, source]
    ETRE is an exploit for IMail 8.10 to 8.22 [source]
    FUZZBUNCH is an exploit framework, similar to Metasploit [source, source], which was also part of the December-January "Windows Tools" Shadow Brokers auction [source]
    DOUBLEPULSAR is a RING-0 multi-version kernel mode payload [source]
    EquationGroup had scripts that could scrape Oracle databases for SWIFT data [source, source]
    ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later [source, source], also not detected by any AV vendors [source]
    Metadata [possibly faked, possibly real] links NSA to Equation Group [source]
    NSA used TrueCrypt for storing operation notes [source]
    Some of the Windows exploits released today were undetectable on VirusTotal [source]
    Some EquationGroup humor in the oddjob instructions manual [source, source]
    JEEPFLEA_MARKET appears to be an operation for collecting data from several banks around the world [source], previously linked to the NSA by Snowden [source, source]
    The Equation Group targeted EastNets, a SWIFT connectivity provider [source, source, source, source, source]


  10. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       14 Apr 2017 #10

    Wow, @simrick. You've been busy. Impressive list you made!

    So what do we do about all this?


 