Thursday, October 3, 2024
HomeHacksDigital Weapons of NSA-linked Microsoft hacking tools leak by Shadow Brokers

Digital Weapons of NSA-linked Microsoft hacking tools leak by Shadow Brokers

Published on

The Shadow Brokers, a group of hackers that have stolen exploits and hacking tools from the National Security Agency (NSA), are now selling some of these tools, which include Windows exploits and antivirus bypass tools, on a website hidden on the ZeroNet network.

They group that claims to have stolen digital weapons once used by the National Security Agency published a trove of active Microsoft Windows software exploits .

The claimed misuses being used, alongside a complete rundown of filenames and registries were altogether shared by the confounding gathering the “Shadow Brokers,”

- Advertisement - EHA

The newly advertised website claims that, for a total price of 750 BTC (Bitcoins), the buyer can purchase the entire database of hacking tools that The Equation Group used, which are entirely focused on the Windows platform.

In their supposed final message, the ShadowBrokers say they are “making [an] exit” and “going dark”— although an associated bitcoin wallet will remain open for new bids.

The group claims it will come out of hiding to provide the remaining stolen hacking tools only upon receiving 10,000 bitcoin, or $8.13 million worth of the anonymous currency.

Those exploits and other hacking tools turned out to be legitimate, and many affected hardware firewalls from vendors such as Cisco, Huawei, and Juniper. The group went on to dump more files in October, which allegedly revealed IP addresses linked to NSA hacking operations.

Spilled reports portraying another module, named “EventLogEdit,” demonstrate it could be utilized to alter occasion logs, giving the attacker the ability to manipulate digital forensic evidence that would normally show anomalies after an intrusion.

“EventLogEdit” was likely created and conveyed by a very much resourced and in fact skilled foe, similar to a knowledge benefit, portrayed Michael Zeberlein, executive of insight investigation with Area 1 Security.

This whole time, The Shadow Brokers have been trying to sell more exploits to those willing to cough up a hefty amount of bitcoin. The group started with an auction and crowd-funded approach, before launching a site to apparently sell exploits one by one directly to customers.

The group hasn’t had much success. “Bidders have only sent a total of 10 bitcoins ($7,800) to the group, far short of the 10,000 bitcoins ($7,800,500) The Shadow Brokers demanded in exchange for a collection of Linux and Windows hacking tools.”

Including of  These Security software bypass tools

Security analyst Jacob Williams has downloaded and examined a progression of screenshots gave by the Shadow Brokers aggregate.

These screenshots purportedly demonstrate the yield of a few apparatuses that are presently being sold as a component of the Windows Warez accumulation. He explained in His blog ,

“I downloaded the screenshots published by the Shadow Brokers (which oddly doesn’t include this screenshot).  However, it does include the output of the find command across the dump.  After searching through the directory list output for the string “psp” we find a number of different XML files (among other Python files and others)”

Based on the output of those tools (embedded below), Williams says that in theory, some of these tools should provide the ability to bypass/exploit some antivirus software, such as Avast, Avira, Comodo, Dr.Web, ESET, Kasperksy, McAfee, Microsoft, Panda, Rising Antivirus, Symantec, and Trend Micro.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

ANY.RUN announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Telegram Bot Selling Phishing Tools to Bypass 2FA & Hack Microsoft 365 Accounts

A newly discovered phishing marketplace, ONNX Store, empowers cybercriminals to launch sophisticated attacks against...

Mobile Device Management Vendor Mobile Guardian Hacked

 Mobile Guardian, a leading Mobile Device Management (MDM) vendor, experienced unauthorized access to its...

Hunt3r Kill3rs Group claims they Infiltrated Schneider Electric Systems in Germany

The notorious cybercriminal group Hunt3r Kill3rs has claimed responsibility for infiltrating Schneider Electric's systems...