The hacker group The Shadow Brokers has published a portion of the tools stolen from the Equation Group, which is suspected of links to U.S. intelligence. The release consists of exploits for vulnerabilities in various versions of the Windows operating system. According to experts, some of them still work.
According to Securitylab, the archive contains special tools for different OS versions, from Windows 2000 and Server 2012 to Windows 7 and 8. The published dump contains a total of 23 tools, including EsteemAudit, Oddjob, Mofconfig, Easybee, EducatedScholar, EnglishmanDentist, EskimoRoll, EclipsedWing, Emphasismine, EmeraldThread, Fuzzbunch, ExplodingCan, ErraticGopher, EternalRomance, EternalBlue, EternalSynergy, EwokFrenzy and Doublepulsar.
Fuzzbunch is a modular software package that makes it possible to compromise a target system within a few minutes and install a backdoor for remote management of a Windows-based PC.
Microsoft analyzed the exploits and said that the vulnerabilities in SMB v1-3 exploited by the tools EternalBlue, EmeraldThread, EternalChampion, EternalRomance, ErraticGopher, EducatedScholar and EternalSynergy had already been fixed in previous years, and that some were corrected in the current year (CVE-2017-0146 and CVE-2017-0147).
The patch for the vulnerabilities in domain controllers running Windows 2000, 2003, 2008 and 2008 R2 that the EskimoRoll tool exploits was released three years ago, in 2014. According to the company, the tools EnglishmanDentist, EsteemAudit and ExplodingCan do not work on supported versions of Windows, so patches for them will not be issued.
In addition to the tools for hacking Windows, the hackers also published documents indicating that the US NSA had access to the SWIFT interbank messaging system, which allowed it to track the movement of funds between banks in South America and the Middle East.