UPDATE: Microsoft says all vulnerabilities have already been addressed in recent patches. Read more here.
Former NSA contractor Edward Snowden warned on Twitter that "this is not a drill" after a group of hackers released Friday what they claim to be documents detailing the surveillance tools used by the National Security Agency for its hacking program that can break into millions of Microsoft Windows computers and may have been used to break into the Middle East financial network.
The tools, revealed by the Shadow Brokers, are designed to hack into Microsoft Windows operating systems and some of the documents suggest that the agency used them to target the SWIFT banking system, a worldwide network of financial institutions.
Snowden, who was granted asylum in Russia since 2013 after he leaked secret information from the NSA's surveillance programs, tweeted that these NSA "exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft."
This is not a drill: #NSA exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft. https://t.co/2H8F7vH7fW— Edward Snowden (@Snowden) April 14, 2017
Snowden said the NSA knew as recently as last year that their hacking methods were stolen, but accused the agency of refusing to tell software makers "how to lock the thieves out."
Hackers and cyber experts have been playing up the potential danger posed by these latest revelations as they parse through the documents. The tools are dated 2013, but millions are Microsoft computers with operating systems leading up to, but not including the current Windows 10, might be compromised.
"It's not safe to run an Internet-facing Windows box right now," a hacker who used to work in the Defense Department told Motherboard. The unnamed hacker also said, "this is the worst thing since Snowden."
Microsoft says it is reviewing the leak and "will take the necessary actions to protect our customers."
Computer security researcher Matt Suiche, founder of UAE-based Comae Technologies, who helped confirm that prior NSA leaks from the Shadow Brokers are real, has been updating a blog post on Friday's document dump. "This is by far, the most interesting release from Shadow Brokers as it does not only contain tools," he wrote.
He warned that if the Shadow Brokers' "claims are indeed verified, it seems that the NSA sought to totally capture the backbone of international financial system to have a God's eye into a SWIFT Service Bureau — and potentially the entire SWIFT network."
There's a problem w the claim #NSA hacked SWIFT "to search for terrorists": US already had lawful channels to get SWIFT data for CT cases. https://t.co/REFSYk6ykV— Edward Snowden (@Snowden) April 14, 2017
The documents appear to show the NSA targeted an office in Dubai for EastNets, and anti-money laundering and financial services firm.
EastNets said in a statement that there is "no credibility" that there customer information on its SWIFT service bureau was compromised and that claims to the contrary online are from outdated pages from an internal server retired in 2013.
SWIFT, which based in Belgium, put out a statement saying "we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties." According to ABC News, SWIFT said there was no evidence that the security of its network had been breached.