Shadow Brokers Leaks Hacking Tools: What It Means for Enterprises

On April 14, several hacking tools and exploits targeting systems and servers running Microsoft Windows were released by the hacking group Shadow Brokers. A number of these were apparently tools focused on financial organizations. The hacking group initially put these troves of stolen spyware on the auction block last year but failed, and has incrementally released them since.

The latest haul of spyware released by Shadow Brokers allows attackers to breach systems (including Linux), sites, and firewalls.

Which systems and platforms are impacted?

Trend Micro’s initial (and ongoing) analyses found over 35 information-stealing Trojans included in this latest leak.

The dump included exploits that target several system and host vulnerabilities, along with Fuzzbunch—a network-targeting hacking framework (comparable to the penetration testing tool Metasploit) that executes the exploits.

Below are some of the vulnerabilities exploited by the hacking tools:

  • CVE-2008-4250 (the exploit for which is codenamed “EclipsedWing”, patched October 2008 via MS08-067)
  • CVE-2009-2526, CVE-2009-2532, and CVE-2009-3103 (“EducatedScholar”, patched October 2009 via MS09-050)
  • CVE-2010-2729 (“EmeraldThread”, patched September 2010 via MS10-061)
  • CVE-2014-6324 (“EskimoRoll”, patched November 2014 via MS14-068)
  • CVE-2017-7269 (a security flaw in Microsoft Internet Information Services 6.0)
  • CVE-2017-0146 and CVE-2017-0147 (“EternalChampion”, patched March 2017 via MS17-010)
