Previously, the Intercept confirmed that the ShadowBrokers have leaked an authentic malware used by the NSA to attack computers around the world, now released another cache of what appears to be extremely dangerous software capable of breaking into systems running on Windows. The software has the ability to bring problems on millions of Microsoft users.
The leak includes a codenamed software implants with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT. These have the capability to breaking into computers running version of the Windows operating system earlier than the most recent Windows 10. In some cases, the software even controls the said operating system. Windows ran more than 65 percent of desktop computers for surfing the web last month according to tracking firm Net Market Share.
One program named FUZZBUNCH can essentially automates the deployment of NSA malware; it would allow a member of agency’s Tailored Access Operations group to more easily infect a target from their desk.
Security researcher and hacker Matthew Hickey, said affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches. It’s literally a cyber weapon for hacking into computers; nation-state attack tools are now in the hands of anyone who cares to download them.
Hickey showed a video of FUZZBUNCH being used to compromise a virtual computer running Windows Server 2008. Survey cited 2016 showed that Windows Server 2008 is the operating system most widely used in the industry.
Editor at Lawfare and former NSA attorney Susan Hennessey wrote on Twitter that the leak will cause extensive harm to both U.S. Intel interests and public security.
A Microsoft spokesperson said they are reviewing the report and will take the necessary actions to protect our customers. The company later clarified that no individual or organization has contacted them in relation to the materials released by Shadow Brokers.