Hacking group claims to offer cyber-weapons in online auction

Although the exploits were poorly coded, “nonetheless, this appears to be legitimate code”, he added. It has so far published more than 10 million documents and associated analyses. Security researchers believe those breaches were perpetrated by agents thought to be acting on behalf of Moscow.

“That could have significant foreign policy consequences”.

“It’s at minimum very interesting; at maximum, hugely damaging”, Dave Aitel, CEO of the security firm Immunity and a former NSA research scientist, told FP. “It’ll blow some operations if those haven’t already been blown”.

At the time of writing, the Bitcoin wallet where the hackers accept auction offers has yet to receive any funds.

After poring over files – including purported software exploits – provided by Shadow Brokers, some experts increasingly think this is the real deal. The hackers seem to imply that the file contains the sophisticated hacking tools used by the NSA’s spies. Targeting such gear, which includes things like routers and firewalls, is a known tactic of Western intelligence agencies like the NSA, and was documented in the Snowden files. The Russian Federation has previously been accused by security experts of hacking into the Democratic National Committee and leaking confidential internal documents; this may be the latest salvo in an ongoing dispute between the United States and the Russian Federation as the U.S. considers whether to publicly blame the Russian Federation for the DNC hack.

Equation Group was first linked to the NSA by security vendor Kaspersky in February of the previous year. The group’s toolset resembled what is used by U.S. intelligence agencies and included an attack that could reprogram hard drive firmware.

If the leak is a genuine sample of NSA code – which, so far, researchers say is the case – then this month’s season of information warfare has taken yet another freaky turn. “A server of some sort was hacked”.

“If the Shadow Brokers actually hacked something, it wasn’t ‘the NSA’”.

“High level U.S. political officials seemed quite upset about the DNC hacks, which no doubt resulted in a covert response, which this is then likely a counter-response to”, Aitel argues.

The NSA and The Shadow Brokers did not return a request for comment.

Security experts doubt the group has access to the hacking treasure trove that it boasts, but several said the code it released appears to be legitimate. “Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems?” Additionally, he said: “No team of ‘hackers’ would want to piss off Equation Group this much”. You see pictures. We give you some Equation Group files free, you see. “This is good proof no?” read an entertaining message posted on Pastebin by Shadow Brokers. “You worry more, protect self from other bidders, trolls, and haters”. You find many intrusions.

“If you want know your networks hacked, you send bitcoin”, they write. No one, as best we know, managed to break into its Fort Meade, Maryland, headquarters (either physically or digitally).

The group also railed against the power of what it describes as “wealthy elites”.

Then came the implications of danger: “How much you pay for enemies cyber weapons?” it said in a cheeky style. NSA contractor turned exiled whistleblower Edward Snowden explored this possibility on Twitter on Tuesday, guessing that the data may have been stolen from a command-and-control server used by the cyberattack group.

There is no definitive proof the auction is genuine, but files released as proof of authenticity appear valid enough to have piqued the interest of many members of the security community.

The end goal of the operation remains something of a mystery.

Those are questions that are likely being debated in the White House, where a spokesman declined to answer questions on what may go down in history as a landmark day in the history of cyberwarfare.