Skip to main content

NSA tools are still letting hackers take over unpatched systems

Casezy/Getty Images

It’s been more than a year since some of the NSA’s most capable hacking tools were stolen and leaked online, and despite a concerted effort to see PCs and systems patched against them, many thousands are still vulnerable to the attacks, which continue to work. Worse still, new and more advanced attack methods are being used to make these tools even more effective, leading to hackers taking over systems in their entirety.

The NSA has long been known to be involved in developing clever hacking tools that can snoop on all sorts of networked hardware all over the world. The Edward Snowden revelations provided just a small insight into their capabilities and just over a year ago, when some of the agency’s hacking tools leaked online, we learned even more. But that leak was far worse in many ways, as it meant that hackers could take advantage of those hacking tools, and they still are, to great effect.

The UPnProxy attack was first spotted earlier this year, with cloud service provider Akamai Technologies highlighting how more than 3.5 million devices around the world were potentially vulnerable to the hack, which used port-forwarding on a router to send malicious traffic to a connected system. Months later, that number of vulnerable systems has been limited to just 277,000, but that’s still a huge pool for hackers to draw from, and Akamai is now reporting that some 45,000 of those have already been compromised.

As TechCrunch reports, hackers are now using a pair of exploits developed by the NSA to burrow through the router and attack connected systems. The two exploits, known as EternalBlue and EternalRed, target Windows and Linux-based systems respectively. This new attack is being termed “EternalSilence” by Akamai, which warns that with 45,000 infected devices, more than a million connected computers could also be vulnerable.

Suggestions on how to protect yourself and your system from the attack include patching to the latest version of your operating system — Microsoft has patched most of the vulnerabilities these tools exploit — and updating your router firmware. If there is any suggestion that your network may have been compromised though, Akamai suggests that replacing the potentially infected router entirely may be the best course of action.

Concerned about PC security? Check out our regular [in]secure column to learn more.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Hackers can now take over your computer through Microsoft Word
A dark mystery hand typing on a laptop computer at night.

A new zero-day vulnerability in Microsoft Office could potentially allow hackers to take control of your computer. The vulnerability can be exploited even if you don't actually open an infected file.

Although we're still waiting for an official fix, Microsoft has released a workaround for this exploit, so if you frequently use MS Office, be sure to check it out.

Read more
Windows 11 still has this one major advantage over MacOS
Surface Pro 8 tablet view with Windows 11 screen.

People love their Macs, and rightfully so. The MacOS interface is known for being intuitive and familiar, especially if you happen to also use an iPhone or iPad.

The release of its primary rival, Windows, hasn't changed that, but there's one new multitasking feature introduced in Windows 11 that MacOS can't compete with.
Windows 11 Snap Groups

Read more
Microsoft will release a fix for major Windows vulnerability found by the NSA
A Microsoft Surface Book opened and being used.

You may want to update all your Microsoft-related software ASAP. The National Security Agency -- yes, the same NSA that Edward Snowden warned us about -- reportedly alerted Microsoft that there’s a major flaw in the Windows operating system, a flaw that Microsoft has not confirmed that it's directly addressed as of yet. Reportedly, it could affect the Windows 10 operating system, and the Windows Server 2016.

First reported by the Washington Post, Microsoft said in a statement to Digital Trends that it is “releasing this month’s update” at 10 a.m. PST on Tuesday, January 14, as part of a “regular Update Tuesday schedule.”

Read more