At first Shadow Brokers put the archives up for auction, but in the end the toolbox did not go to the highest bidder. For some reason the group posted passwords to the archives, releasing the genie out of the bottle.
"Beasts" with names like ODDJOB, FUZZBUNCH, ETERNALBLUE and DOUBLEPULSAR were downloaded by thousands of Internet users from all over the world. With these tools even inexperienced programmers were able to gain access to various PCs, including those that use Linux and Solaris operating systems.
Here is Watchguard CTO Corey Nachreiner talking about the leaked scripts on YouTube.
The researchers mentioned there were 12 significant vulnerabilities in various versions of Windows, including what they said were up-to-date versions of Windows that could allow bad guys to remotely exploit Windows computers over the network. SMB vulnerabilities are a very big deal. Threats like Configure have used major SMB vulnerabilities in order to spread automatically.
The appearance of the alleged "Big Brothers toolbox" out in the open led to heated debates about the US government's online spying ops, and about the NSA's ability to defend itself and eventually find the source of Shadow Brokers leaks. Some NSA critics, like the organization's former contractor Edward Snowden, said that the source should be easily identifiable.
The massive leak of "government malware" led to serious consequences. In less than a month unknown bad guys compiled ransomware utilities, which spread across the Internet at the speed of light, infecting and locking Windows computers all over the world and demanding a ransom in bitcoins. According to researchers, malware called "WCry" or "WannaCry" use two utilities leaked by Shadow Brokers – ETERNALBLUE and DOUBLEPULSAR. The spread of WCry was stopped rather quickly by Microsoft and other software manufacturers taking action and warning users to install updates and patches. But other variations of WannaCry sprung up like jack-in-the-box, making it harder for anti-virus makers to thwart the epidemic.
We'd love to get your feedback back at email@example.com.
Have you heard the news? Sign up to our Telegram channel and we'll keep you up to speed!