
Shadow Brokers claims it hacked NSA, has access to NSA hacking tools

Messages sent to an address registered by the Shadow Brokers were not returned.


A mysterious online group is claiming to have hacked the Equation Group, an organisation believed to be an affiliate of the US National Security Agency (NSA).

Shadow Brokers is a previously unknown group of cyber criminals that recently made available a large cache of weaponised vulnerabilities in high-profile software.

It also says it may release the code for free if it receives bids totalling more than one million bitcoins (£438m).

They claim to have found cyber weapons made by the creators of Stuxnet, Duqu, and Flame, three strains of malware that have been connected to the US government. That’s more than half a billion dollars, and almost 1/15th of all the bitcoins in circulation. “The stuff they have there is super-duper interesting, but it is by far not the most interesting stuff in the tool set”, he said. The group intends to sell the files at an auction.

NSA is in deep shit if we are to believe what Shadow Brokers says.

“The sample files. are complete, but they are not extremely significant enough to shut down the Internet”, Suiche told Aarti. We find many many Equation Group cyber weapons. The files supposedly contain the frameworks for multiple NSA hacking tools.

The Washington Post reports that the hacking tools released in the teaser file – with names such as Epicbanana, Buzzdirection and Egregiousblunder – are highly sophisticated.

An analysis by Symantec of the leaked files concludes that they appear to be installation scripts, configuration files, and exploits targeting a range of routers and firewall appliances.

The exploits are not run-of-the-mill tools to target everyday individuals.

“This appears to be legitimate, and a framework created to take control of routers and firewalls”, said Nicholas Weaver, senior researcher at the International Computer Science Institute.

“This is risky”, said New York University computer security professor Justin Cappos.

“Why did they do it?”

Suspecting that the leak is “more diplomacy than intelligence”, Snowden noted that he thinks the Russian Federation is behind Shadow Brokers’ activities. Snowden claimed that while the security breach itself was not the first of its kind, it was the first time it went public.

Snowden also noted the fact that the released files end in 2013.

In a series of messages posted to Twitter, Snowden suggested the leak was the fruit of a Russian attack on an NSA malware server and could be aimed at heading off US retaliation over allegations that the Kremlin was trying to interfere in America’s electoral process. “Circumstantial evidence and conventional wisdom indicates Russian responsibility”.

“This entire thing is a huge middle finger at America, at least that’s how some people would interpret it”, Thomas Rid, a professor in the Department of War Studies at King’s College London, told Motherboard.

At this stage, it’s not clear who Shadow Brokers are, but some security researchers are speculating that in the wake of the Democratic National Committee hack, which has been publicly attributed to Russian intelligence agencies by Hillary Clinton, this could be retaliation.

“We’ll never know”, he said in a message to AP.

Meanwhile, WikiLeaks has also stepped into the cyber-drama.


“We want to make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control”, the hackers wrote.
