Researchers Find Strong Ties Between Equation Group Tools and Shadow Brokers Dump

A group calling itself The Shadow Brokers over the weekend published hacking tools allegedly belonging to the Equation Group, another hacking group reportedly linked to the NSA, and they plan to auction off those tools for a starting bid of 1 million bitcoin (nearly $570 million).

Yet this latest incident differs in that the perpetrators appear to be seeking financial gain, implementing a convoluted auction process which promises to release the remaining files to the highest bidder.

Kaspersky Lab went on to compare the code from the sample files with the code it found from the Equation Group in 2015 and has described the two, with a “high degree of confidence”, as being “functionally identical” to each other. “A rival publicly demonstrating they have done so is”, the whistleblower wrote, adding, “I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack”. At this point, the cybersecurity community seems in disagreement as to the veracity of the Shadow Brokers’ claims, leading to the conclusion that if it is a hoax, it is a job well done.

“NSA malware staging servers getting hacked by a rival is not new”. The NSA hacker team designs the algorithms and malware to monitor digital traffic, penetrate computers and activate anything connected to the internet.

Snowden has also weighed in to offer his thoughts on the hack and – based on the assumption it is true – suggested on Twitter that this was a shot across the bow for the NSA.

Cisco said it had “immediately conducted a thorough investigation of the files released” and identified two flaws affecting its Adaptive Security Appliance devices.

It also claims the Equation Group does not know what has been stolen. They use one or more such servers to make it hard to trace a hack.

The leak of what purports to be a National Security Agency hacking tool kit has set the information security world atwitter — and sent major companies rushing to update their defenses.

He believes the Shadow Brokers’ cyberattack on the NSA’s group is linked to the Democratic National Convention, after Russian hackers leaked several emails and voice messages.

Security and networking companies scrambled to investigate the flaws exposed by the auction.

Other experts say they, too, believe the files contain actual NSA code.

Kaspersky Labs, a Russia-based security group, a year ago documented 500 infections by Equation Group in at least 42 countries, with Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali topping the list, according to Ars Technica. He said that the disclosure “is likely a warning that someone can prove US responsibility for any attacks that originated from this” redirector or malware server by linking it to the NSA.

“That could have significant foreign policy consequences.”

In other words, he tweeted, it looks like “somebody sending a message” that retaliating against the Russian Federation for its hacks of the political organizations “could get messy fast”.

What exactly is going on with this alleged NSA hack?