New Snowden docs support claim of NSA cyberweapon hack

In fact, some say that exposing the agency’s stockpile of custom-made malware is an effort to deter the United States government from retaliating against the Russian Federation over the recent Democratic National Committee hack, which U.S. officials and many technical experts have blamed on Kremlin operatives.

The previously unknown Shadow Brokers released an encrypted version of files that it said contain hacking tools, pledging to disclose the password that would unlock them for free to the world if they raised 1 million bitcoins, or close to $600 million, in an online auction.

It said that while debate still continued around how these tools leaked, there was absolutely no doubt that they bore the NSA’s virtual fingerprints and their origin was crystal clear.

Still, the fear is that the stolen hacking tools are real and that more zero-day vulnerabilities may be in the hands of malicious actors.

And now that the tools are public, as long as the flaws remain unpatched, other hackers can take advantage of them, too. The example given was China launching a missile at the U.S.: it would go to Peru and fire from there.

“We had already obtained the archive of NSA cyber weapons released earlier today and will release our own pristine copy in due course”, the leak-publishing website tweeted two days ago, without any further explanation.

The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA’s virtual fingerprints and clearly originates from the agency.

One flaw was patched in 2011, but Cisco confirmed the other vulnerability was a zero-day exploit that could let an unauthenticated attacker access the firewall without credentials and remotely execute code on the device. Snowden’s leaks provided information on Seconddate, and the Shadow Broker files also include information on the malware, including a file titled SecondDate-3021.exe, The Intercept said.

The group was auctioning the tools over the Internet over the weekend, and researchers say the tools appear legitimate.

However, Cisco says it has issued security updates to fix the problem.

US spy agency apparent victim of data breach after hackers leak classified computer code online.

In a post written on Tuesday, he added that the “ability to keep something this big quiet” for that length of time was “probably limited to only those with operational security expertise or desire to leverage those bugs for themselves”.

Kaspersky Lab, which coined the name Equation Group in 2015, described it as the most organised and advanced hacking group it had ever come across. Here are some of the leaked tools that Shadow Group has put on auction.

The NSA didn’t return emails seeking comment on his claim.

Academic Thomas Rid, whose book “Rise of the Machines” traces the earliest known Kremlin-linked computer hacking campaign in the USA, said Snowden’s declaration would likely be interpreted as “shrewd messaging” from Russian intelligence. Among them, he included the timing of the auction, which comes about three years after experts believe the information was stolen.

The Kaspersky analysis sheds some light on the situation, but leaves many unanswered questions, including the identity of the Shadow Brokers and what information the group actually has.