Shadow Brokers dump wealth of darknet exploits to use against Windows

With a name that probably should stay in space opera role playing games, a group known only as The Shadow Brokers released a hefty number of Windows exploits online. Its main aim seems to have been to target a cyber-espionage group tied to the National Security Agency (NSA).

The trove of exploits was made available to the public and contained tools for hacking various versions of the Windows OS. Immediately, Microsoft looked into testing the exploits and reporting the potential damage risks back to its users.

The Shadow Brokers have a history of specifically targeting an espionage division of the NSA called Equation Group. Back in August 2016, The Shadow Brokers released a toolkit on GitHub that would help decrypt Equation Group’s files. They have also been selling exploits to work against the group in darknet auctions.

On a positive note, Microsoft was able to report that many of the vulnerabilities had already been addressed and patched last year and early this year. The most vital of those patches, MS17-010, was a part of March’s Patch Tuesday, which Microsoft urged out-of-date users to download and install as soon as possible.

There’s been some unofficial online speculation by cybersecurity experts and users that The Shadow Brokers may have alerted Microsoft to the public dump beforehand. That would explain how several of the zero-day exploits had been addressed in a patch released just a month beforehand.

Here’s a list of the NSA-related exploits Microsoft had already explored and patched:

  • ETERNALBLUE
  • EMERALDTHREAD
  • ETERNALCHAMPION
  • ERRATICGOPHER
  • ESKIMOROLL
  • ETERNALROMANCE
  • EDUCATEDSCHOLAR
  • ETERNALSYNERGY
  • ECLIPSEDWING

Last month’s Patch Tuesday was one of the largest patches we’ve seen from Microsoft in a while. This month’s Patch Tuesday also contained a monumental change: no more security bulletins.

Instead, Microsoft unveiled the Microsoft Security Update Guide (MSUG), a searchable database of all its patches and security updates.

Microsoft is the trendsetter of the tech industry when it comes to keeping users informed on security patches. It has set high expectations for this service for years. With MSUG, it’s once again shaking up the usual format of how security updates are managed. Sometimes, those updates are what protect you and your users from fast-striking zero-day vulnerabilities.
