According to an internal NSA presentation from the Snowden trove, the tool allows the NSA to carry out “man-in-the-middle” attacks against targeted computers to intercept traffic on a network and reroute web requests to the NSA. “The chances of all these being faked or engineered is highly unlikely”, the security company added.
Advertisement
In doing so, the security body recreates the exploits they find to identify their targets to defend themselves when they are the target in the future.
One security researcher even called the exploit the equivalent of an “Internet God Mode”, so it likely still has quite some value left, if many companies keep using these security appliances.
Nicholas Weaver, a computer-science professor and researcher at the University of California, Berkeley, wrote Tuesday that the data dump seems real-and that it was probably snagged from an NSA server. “If they didn’t know, this is VERY BAD”.
Meanwhile, “The Shadow Brokers” are still holding an open auction for 1 million bitcoins in exchange for the key to the remaining cyber weapons in their possession, with little to no bidders having made an offer as of today.
We hack Equation Group.
Few take the name or the manifesto at face value.
The evidence for this, The Intercept said, came from a top secret NSA manual, provided to it by Snowden, which provided guidelines for implanting malware.
“On August 17, 2016, we issued two security advisories which deliver free software updates and workarounds where possible”, it said. That would be a politically charged development in the context of recent allegations that Russian Federation is trying to tamper with America’s presidential campaign.
KitGuru Says: It would be really interesting to look at an alternate timeline where Snowden didn’t flee to China/Russia and didn’t leak anything.
Snowden didn’t return messages seeking additional comment.
Matt Suiche of Comae Technologies in the United Arab Emirates said it appears the tools “could be used” if security flaws have not been fixed.
Other experts say they, too, believe the files contain actual NSA code. Snowden’s leaks provided information on Seconddate, and the Shadow Broker files also include information on the malware, including a file titled SecondDate-3021.exe, The Intercept said.
Shadow Brokers have already published much of the data they claim to have.
Advertisement
“High level U.S. political officials seemed quite upset about the DNC hacks, which no doubt resulted in a covert response, which this is then likely a counter-response to”, he said.
