• Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Whitepapers
  • Data Strategy Spotlight
  • Newsletters
  • Whitepapers
    • Inqlogo 120x194
      Five things you should look for in choosing a Testing provider

      Choosing a Testing Partner can be complex.  So what do you look for?  This guide offers insight into the qualities you must look for in choosing a Testing provider.  Download now to learn more.

      Download
      Inqlogo 120x194
      Your questions answered: How to protect your data in the cloud

      The number of successful cyberattacks per year per company has increased by 46% over the last four years. But what really needs to be considered when exploring a solution? What questions need to be asked? Download to find out...

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Follow us
    • RSS
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • Google+
    • YouTube
  • Newsletter
  • Industry Voice
  • Data Strategy Spotlight
The Inquirer
The Inquirer
  • Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Trending
  • MWC 2019
  • Article 13
  • AMD Radeon VII
  • Galaxy S10
  • Nvidia GTX 1660 Ti 
The Inquirer
  • Software

Leaked NSA hacking tools can target all Windows versions from the past two decades

How about someone makes America's security service secure again

Leaked NSA hacking tools can target all Windows versions from the past two decades
Leaked NSA hacking tools can target all Windows versions from the past two decades
  • Roland Moore-Colyer
  • Roland Moore-Colyer
  • @RolandM_C
  • 06 February 2018
  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
0 Comments

REMEMBER THOSE LEAKED NSA TOOLS? Well, they can now hack any version of Windows, not just the old version of Microsoft's operating system.

Researcher Sean Dillon from cybersecurity firm RiskSense tweaked the source code of three nicked NSA exploits - EternalSynergy, EternalChampion and EternalRomance - to work against Windows versions dating back as far as Windows 2000.

Going by the name of 'zerosum0x0' on GitHub and Twitter (hat tip to Betanews for that), Dillon noted his modifications to the code exploits the CVE-2017-0143 and CVE-2017-0146 vulnerabilities in numerous versions of unpatched Windows OS.

MS17-010 #EternalSynergy #EternalRomance #EternalChampion exploit and auxiliary modules for @Metasploit. Support for Windows 2000 through 2016. I basically bolted MSF psexec onto @sleepya_ zzz_exploit. https://t.co/UnGA1u4gWe pic.twitter.com/Y9SMFJguH1

— zǝɹosum0x0🦉 (@zerosum0x0) January 29, 2018

While other leaked hacking tools like EternalBlue have been attributed to facilitating the likes of WannaCry and NotPetya, which affected systems running older versions of Windows like Windows 7, the modified exploits can be used against Windows 10 builds.

Windows 10 was originally thought to be immune to the stolen NSA tools leaked by hacker group Shadow Brokers. But unpatched versions of Redmond's latest OS appear to be vulnerable to attacks that make use of the modified code, not that any have been reported out in the wild.

Naturally, ensuring Windows 10 is up-to-date and patched should make any systems running the software immune to the modified hacking tools. But older versions of Windows that are no longer supported by Microsoft could face attacks that put the modified NSA exploits to use if the operating systems are not updated with patches Redmond pushed out in March 2017.

Plonking his modified code on GitHub with the disclaimer that it's intended for academic research and the development of cyber defences, Dillon said: "This module is highly reliable and preferred over EternalBlue where a Named Pipe is accessible for anonymous logins (generally, everything pre-Vista, and relatively common for domain computers in the wild)."

The trio of modified exploits also boast remote control and code execution features that could be used to wreak havoc on compromised machines.

If you've kept up with patches for more recent versions of Windows, then you should be safe from the exploits.

For companies with large and complex IT estates that aren't all running the latest software, such modified exploits could cause a headache. Either way, such tweaks to the modified NSA tools show that the Eternal family of exploits is still have some life left into them; jeez, thanks for that NSA. µ

  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
  • Topics
  • Software
  • Security
  • nsa
  • windows 10
  • Microsoft
  • Security

INQ Latest

Google Updates: Play Store discounts, Google Phone gets RTT, Hangouts changes
Google Updates: Play Store discounts, Google Phone gets RTT, Hangouts changes

The other Google news of the week

  • Software
  • 15 February 2019
Opera Reborn 3 is now available for developer testing ahead of a March release
Opera Reborn 3 is now available for developer testing ahead of a March release

Everyone clear the Aria!

  • Software
  • 15 February 2019
Samsung Galaxy Tab S5e official with 10.5in screen and Android Pie
Samsung Galaxy Tab S5e official with 10.5in screen and Android Pie

And it's Samsung's thinnest and lightest tablet yet

  • Handhelds
  • 15 February 2019
Twitter is mulling over allowing 'clarifications' instead of full-blown edits
Twitter is mulling over allowing 'clarifications' instead of full-blown edits

Tweaking tweets

  • Applications
  • 15 February 2019
Back to Top

Most read

Galaxy S10 price, release date and specs: Galaxy S10+ appears in hands-on video
Galaxy S10 price, release date and specs: Galaxy S10+ appears in hands-on video
Microsoft is already beta testing a 2020 version of Windows 10
Microsoft is already beta testing a 2020 version of Windows 10
iPhone 11 release date, specs and price: 2019 iPhones to stick with Lightning over USB-C
iPhone 11 release date, specs and price: 2019 iPhones to stick with Lightning over USB-C
OpenAI has a fake news bomb made of AI and no clue what to do with it
OpenAI has a fake news bomb made of AI and no clue what to do with it
Samsung accidentally reveals its entire wearable line via an app update
Samsung accidentally reveals its entire 2019 wearable line via an app update
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About Incisive Media
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • Google+
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017