The Shadow Brokers release exploits for global banking systems and Windows
Microsoft says the Windows exploits have already been patchedBy Rob Thubron
Less than a week after the Shadow Brokers came out of retirement to release a password it had previously tried to auction off, the hacking group has posted a new NSA data dump along with some (now mostly patched) Windows exploits.
"Is being too bad nobody deciding to be paying theshadowbrokers for just to shutup and going away. TheShadowBrokers rather being getting drunk with McAfee on desert island with hot babes," the group wrote in a post alongside the published documents.
The new leaks suggest that the NSA hacked into EastNets, a Dubai-based firm that oversees payments for SWIFT, an international financial messaging service used for transferring money between banks, particularly those in the Middle East.
Despite apparent evidence to the contrary, EastNets has denied it was hacked. "While we cannot ascertain the information that has been published, we can confirm that no EastNets customer data has been compromised in any way. EastNets continues to guarantee the complete safety and security of its customers' data with the highest levels of protection from its SWIFT certified Service bureau," wrote EastNets CEO and founder, Hazem Mulhim, in a statement.
The Shadow Brokers' post also contained a number of Windows exploits, but Microsoft said in a blog post that it has already issued patches for the majority of the attacks, and the remaining three unpatched exploits are only designed for unsupported systems - anyone using Windows 7 or above is not at risk.
"Customers still running prior versions of these products are encouraged to upgrade to a supported offering," the post added.
What's interesting is that four of the exploits were patched just last month, which could indicate Microsoft was informed about the vulnerabilities before they were leaked.