NSA Spy Tools Infect Tens of Thousands of PCs
James Patterson | Last Updated:
Online Privacy & Internet Security Expert
In the wake of recently-published NSA hacks by the Shadow Brokers group, multiple sources now confirm that tens of thousands of Windows PCs have been infiltrated by NSA spying tools, the most notorious of which is the DOUBLEPULSAR malware loader.
DOUBLEPULSAR is not actually malware itself per se, but is rather a “loading dock” for future infections, making it easier for attackers to plant malware on the machine undetected. Once it gets installed, DOUBLEPULSAR acts as a concealed back door which is difficult to detect, and maintains an open communication channel back to its controller.
John Matherly, CEO of internet-scanning tool shodan.io, claims that as many as 100,000 Windows devices could be infected.
In an email, Matherly stated: “Shodan has currently indexed more than 2 million IPs running a public SMB service on port 445. 0.04 percent of SMB services that we’re observing in our data firehose are susceptible to DOUBLEPULSAR which results in a projection of ~100,000 devices on the Internet that are impacted. Shodan has already indexed 45k confirmed [infections] so far.”
Microsoft released a statement casting doubt on these numbers, stating: “We doubt the accuracy of the reports and are investigating.” Even if the numbers are actually lower than these projections, the fact of the matter is that spying and monitoring is becoming more prevalent as various government agencies squeeze tighter on what little remains of online privacy.
What does this mean to the average PC user? Fortunately, Microsoft has already released patches that eliminate most of the vulnerabilities in infected operating systems. If you haven’t updated your Windows machine in a while, it’s imperative that you do so now.
All of this deliberate spying and invasion of privacy reinforces the need for internet users to fight back and protect their privacy against governments, ISPs, and hackers. One of the most effective ways to maintain privacy and anonymity is to use a VPN. A VPN cloaks a user’s traffic by creating a secure, encrypted tunnel between their PC and the VPN service, and by making their browsing appear to originate from the VPN server instead of the PC. This allows a user to browse the internet anonymously, since their ISP only sees that a connection is made to a VPN server, not the actual browsing data.
This new discovery, coupled with the recent repealing of FCC privacy laws, paints a bleak picture for the future of online privacy. Internet users are highly encouraged to enlist the help of VPNs and other privacy tools to protect their data.