Saturday, March 2, 2024

Digital Weapons of NSA-linked Microsoft hacking tools leak by Shadow Brokers

The Shadow Brokers, a group of hackers that have stolen exploits and hacking tools from the National Security Agency (NSA), are now selling some of these tools, which include Windows exploits and antivirus bypass tools, on a website hidden on the ZeroNet network.

They group that claims to have stolen digital weapons once used by the National Security Agency published a trove of active Microsoft Windows software exploits .

The claimed misuses being used, alongside a complete rundown of filenames and registries were altogether shared by the confounding gathering the “Shadow Brokers,”

The newly advertised website claims that, for a total price of 750 BTC (Bitcoins), the buyer can purchase the entire database of hacking tools that The Equation Group used, which are entirely focused on the Windows platform.

In their supposed final message, the ShadowBrokers say they are “making [an] exit” and “going dark”— although an associated bitcoin wallet will remain open for new bids.

The group claims it will come out of hiding to provide the remaining stolen hacking tools only upon receiving 10,000 bitcoin, or $8.13 million worth of the anonymous currency.

Those exploits and other hacking tools turned out to be legitimate, and many affected hardware firewalls from vendors such as Cisco, Huawei, and Juniper. The group went on to dump more files in October, which allegedly revealed IP addresses linked to NSA hacking operations.

Spilled reports portraying another module, named “EventLogEdit,” demonstrate it could be utilized to alter occasion logs, giving the attacker the ability to manipulate digital forensic evidence that would normally show anomalies after an intrusion.

“EventLogEdit” was likely created and conveyed by a very much resourced and in fact skilled foe, similar to a knowledge benefit, portrayed Michael Zeberlein, executive of insight investigation with Area 1 Security.

This whole time, The Shadow Brokers have been trying to sell more exploits to those willing to cough up a hefty amount of bitcoin. The group started with an auction and crowd-funded approach, before launching a site to apparently sell exploits one by one directly to customers.

The group hasn’t had much success. “Bidders have only sent a total of 10 bitcoins ($7,800) to the group, far short of the 10,000 bitcoins ($7,800,500) The Shadow Brokers demanded in exchange for a collection of Linux and Windows hacking tools.”

Including of  These Security software bypass tools

Security analyst Jacob Williams has downloaded and examined a progression of screenshots gave by the Shadow Brokers aggregate.

These screenshots purportedly demonstrate the yield of a few apparatuses that are presently being sold as a component of the Windows Warez accumulation. He explained in His blog ,

“I downloaded the screenshots published by the Shadow Brokers (which oddly doesn’t include this screenshot).  However, it does include the output of the find command across the dump.  After searching through the directory list output for the string “psp” we find a number of different XML files (among other Python files and others)”

Based on the output of those tools (embedded below), Williams says that in theory, some of these tools should provide the ability to bypass/exploit some antivirus software, such as Avast, Avira, Comodo, Dr.Web, ESET, Kasperksy, McAfee, Microsoft, Panda, Rising Antivirus, Symantec, and Trend Micro.

Website

Latest articles

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...

CWE Version 4.14 Released: What’s New!

The Common Weakness Enumeration (CWE) project, a cornerstone in the cybersecurity landscape, has unveiled...

RisePro Stealer Attacks Windows Users Steals Sensitive Data

A new wave of cyber threats has emerged as the RisePro information stealer targets...

Golden Corral Restaurant Chain Hacked: 180,000+ Users’ Data Stolen

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data...

CISA Warns Of Hackers Exploiting Multiple Flaws In Ivanti VPN

Threat actors target and abuse VPN flaws because VPNs are often used to secure...

BEAST AI Jailbreak Language Models Within 1 Minute With High Accuracy

Malicious hackers sometimes jailbreak language models (LMs) to exploit bugs in the systems so...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles