Hackers expose NSA financial spying arsenal, global banking system potentially at risk
Nine exploits released by the Shadow Brokers have already been patched, while three others only affected users running older, unsupported versions of the Windows operating system, said principal security group manager Phillip Misner on Microsoft's TechNet IT portal.
Although some records bear NSA seals, their authenticity has yet to be confirmed.
Earlier today, Microsoft concluded an investigation that it started yesterday after a mysterious group of hackers known as The Shadow Brokers dumped a trove of Windows exploits online, as part of a plan started the previous year and aimed at outing the Equation Group cyber-espionage group as the NSA and so exposing the US' foreign hacking operations. The group attempted to auction off the files but failed, and has been releasing portions of the stolen files in stages.
According to Chaouki Bekrar, founder of Zerodium, which sells zero-day exploits, the leaked cyberweapons, if sold, would likely have netted the Shadow Brokers $2m (£1.6m). Instead, the hacker group dumped the alleged NSA stockpile for free.
How risky is the Windows exploits dump? The NSA allegedly claimed in its now hacked and released article that the "box has been implanted and we are collecting", which Wired explains as the "jargon used by the NSA to indicate spyware has been successfully implanted on a computer".
Since Microsoft fixed one of the flaws only last month, it's possible that The Shadow Brokers' tools may represent NSA tools deemed useful for national security purposes. The "Shadow Brokers" exploit known as "EducatedScholar" was patched by Microsoft in October 2009.
The question that will now trouble many in the security industry, regardless of Microsoft having potentially avoided a massive security disaster, is how the company knew about these exploits right before their public disclosure. This means that customers should be protected if they've kept their software up to date. "One collection of 15 exploits contains at least four Windows hacks that researchers have already been able to replicate", the experts said. Matthew closed out his email by noting that "Microsoft will need to release fixes for several of the ETERNAL exploits and customers should ensure they apply them as soon as available".
Swift, which is headquartered in Belgium, said: "We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services".
Security researchers spent most of the day trying to figure out how the various exploits worked by testing them in virtual machines in their respective labs.
A Microsoft spokesperson said the company is reviewing the report and "will take the necessary actions to protect the customers".
"This is not a drill: NSA exploits affecting many fully-patched Windows systems have been released to the wild".