Microsoft Patches Windows Exploits Shadow Brokers Hacking Group Allegedly Stole From The NSA
On Friday, a hacking group referred to as the “Shadow Brokers” revealed a number of programs that could potentially be used to attack different versions of Windows operating systems. Microsoft maintains that the vast majority of these exploits have already been patched. “ETERNALCHAMPION”, a SMBv1 exploit, was patched by Windows updates CVE-2017-0146 & CVE-2017-0147. EnglishmanDentist”, “EsteemAudit”, and “ExplodingCan” have not been reproduced on supported platforms. Customers who run Windows 7 and Exchange 10 or higher, should not be at risk.
The Shadow Brokers published a number of Unix focused exploits that were allegedly stolen from the National Security Agency (NSA) as well. In addition, the group released several files and documents that indicated that the NSA has access to the SWIFT inter-bank messaging system. If the documents are real, it will be confirmed that the NSA has been monitoring the transactions of various Latin American and Middle Eastern banks. Hackers could potentially use the released exploits to hack into banks.
SWIFT stated that there was no indication that their main network had been accessed by unauthorized users. They did admit, however, that it was possible that the local networking systems of some individual SWIFT users may have been breached. Last year hackers stole $81 billion USD from the Bangladesh central bank, which utilizes the SWIFT messaging system. SWIFT transfers trillions of dollars everyday.
This is not the first time the Shadow Brokers have targeted the NSA. Last summer the group auctioned off a number of NSA exploits. While some were harmless or outdated, others threatened large organizations like Cisco. In the words of the Shadow Broker’s latest message, “Who knows what we having next time?”
Microsoft encourages all users to make sure that their computers are up-to-date, and if you are interested in their bug bounty program, check out this link.