Shadow Brokers says it could release the code to the files for free if it passes its target of one million bitcoins.
Advertisement
Nevertheless, the hacking tools probably weren’t easy to develop.
Former NSA contractor Snowden, who has been living in Russian Federation since leaking documents revealing the scope of the agency’s monitoring of private data, said the hack could be a warning to the United States after Democratic presidential nominee Hillary Clinton’s campaign accused Moscow of hacking into Democratic National Committee emails.
The Shadow Brokers release included not just information on the vulnerability, but also an exploit for it, making it especially risky.
Many dismiss the auction as a stunt. “It’s created to distract”.
What do these tools actually do?
Snowden himself has argued for such a theory, outlining his thoughts on Twitter a few days ago. But in separate announcements earlier this week, software manufacturers Cisco Systems Inc. and Fortinet Inc. said that some of the ShadowBrokers’ leaked codes are a threat to their products, lending credence to the notion that the hackers stole legitimate NSA exploits. Both vulnerabilities were remote code execute flaws that essentially allowed a hacker who knows how to carry out an attack to do so from anywhere across the globe.
That could explain how an anonymous group managed to obtain hacking tools that may belong to the NSA.
They seem pretty legit. As numerous leaked files were dated mid-2013, the hackers have been sitting on the data for at least three years.
“Faking this information would be monumentally hard; there is just such a sheer volume of meaningful stuff”, computer security researcher Nicholas Weaver of the University of California at Berkeley said in an interview.
It is still not entirely clear whether the hack is genuine, or merely an elaborate hoax. Instead, an NSA operator may have mistakenly uploaded a full tool set to a proxy server that the agency used to carry out infiltrations, experts told The Post. The highest bidder will get to find out.
Mr Snowden tweeted on Tuesday: “This leak is likely a warning that someone can prove USA responsibility for any attacks that originated from this malware server”. Particularly if any of those operations targeted USA allies….
As is typical in such cases, the true identity of whoever put the tools online remains hidden. What does this mean for my security?
Advertisement
They said they will put online more items in exchange for a fundraiser 1 million bitcoins, an electronic money hard to trace. A number of experts who spoke with Business Insider see Russian Federation as being behind the heist, though some believe that it could be an agency insider creating a smokescreen to mask his or her identity. This raises serious questions on the acceptability of such practices by major security agencies associated with governments. The reliance on zero-day bugs that remain unpatched today by the leaked tools suggest that the agency sat on problems for years. “So far, we have not found any new vulnerabilities related to this incident”, the company said. Although Kaspersky did not categorically identify the group as the NSA, it showed substantial proof linking the spy office and discovered a trail of codenames in highly sensitive files made public by Edward Snowden.
