According to a report published over the weekend by Motherboard, a host of previously unknown Windows hacking tools — which were created and utilized by the U.S. National Security Agency (NSA) — have been leaked, allowing even the most technologically challenged hackers to carry out “zero day” exploits against millions of active PCs, including nefarious acts like defacing websites, remotely locking a user’s machine for the sole sake of demanding a ransom payment for their re-admittance, or outright stealing emails or other sensitive data from right under their nose.
Featuring a range of easy-to-use hacking tools, including one called “Fuzzbunch,” the leaks allow hackers to gain control of PCs specifically running versions of Windows prior to Windows 10, including Windows XP, Vista, 7, 8, as well as various server versions including NT, 2000, 2003, 2008, and 2012.
The swath of NSA hacking tools, which one former U.S. Department of Defense (DoD) employee said is “The worst thing since Snowden,” were leaked in recent weeks by a hacking group known as the “Shadow Brokers,” according to Motherboard’s Lorenzo Franceschi-Bicchierai. The report also quotes the same DoD employee saying “It’s not safe to run an internet facing Windows box right now.”
“All of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they’ve not been seen before,” added U.K.-based IT security architect, Kevin Beaumont.
While Microsoft has aggressively encouraged its customers to upgrade to Windows 10, which was released back in the summer of 2015, the majority of internet-connected PCs around the world, unfortunately, are still running much older versions of the operating system, with Windows 7, in particular, being the most widely used among them, according to recent statistics from GoSquared.
Interestingly, statistics collected by NetMarketshare revealed that only 25% of Windows PCs, globally, are running the most recent version of Windows 10, meaning that the broader majority (give or take, 65-75%) of Windows machines are susceptible to being compromised by the suite of hacking tools.
A Microsoft spokesperson indicated in response to the Motherboard report that the company is currently “reviewing the report and will take the necessary actions to protect our customers.”
Meanwhile, aside from Macs whose owners have intentionally configured them to dual-boot into older versions of Windows, Mac computers running recent software (10.11 El Capitan or later), as well as iPad models running iOS 9 or 10, remain unaffected by these exploits.
Apple’s limited exposure to malware, at least in part, can be attributed to the company’s penchant for propagating so-called “security by obscurity,” whereby even the easiest-to-execute hacking tools are unable to work on Mac or iOS because the operating systems simply aren’t as easy to target as their Windows and Android counterparts. That’s because Apple has a much faster ability to create and distribute new updates to the public, patching vulnerabilities and advancing system-wide security with each successive update to iOS and macOS, respectively.