Strings of code were released to the Internet by a group calling themselves “the Shadow Brokers“. They said they would release more if the bidding reached some $565 million in the digital currency bitcoin.
Advertisement
But with so much of the agency’s internal workings revealed in documents leaked by former NSA contractor Edward Snowden, the possibility remains that the apparent leak is merely an elaborate but plasuible-seeming hoax.
Earlier this week, “Shadow Brokers” announced it was selling a number of cyber weapons claiming to be stolen from “The Equation Group” – a hacking unit uncovered a year ago by Kaspersky Labs that many believe are within NSA. The group demands 1 million bitcoins or approximately 560 million USA dollars to release more documents.
Many dismiss the auction as a stunt. “It’s created to distract”.
Hopeful bidders have been invited to send bitcoins the borderless electronic currency but as of late Wednesday the address specified by the group had only gathered 1.72 bitcoins, or $981.
The files contain what appears to be part of a sophisticated cyber arsenal. While the ShadowBrokers claimed the data was related to the Equation group, they did not provide any technical evidence of these claims. Four cybersecurity experts, including a USA official, told ABC News that from time to time the NSA outsources the development of cyberespionage tools to private contractors.
They seem pretty legit.
“Because of the sheer volume and quality, it is overwhelmingly likely that this data is authentic”. Instead, an NSA operator may have mistakenly uploaded a full tool set to a proxy server that the agency used to carry out infiltrations, experts told The Post.
Reuters could not contact the Shadow Brokers or verify their assertions.
The group’s name appears to be a reference to a character in the “Mass Effect” video games who sells off information to the highest bidder.
Snowden, a former NSA contractor, has been in exile in Russian Federation since June 2013.
However, the attackers – if they’re indeed enemies of the U.S. – may be more interested in sending a message than making any money off the hack. Some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage. At a time when Russian Federation has been pilloried for hacking into the DNC and other American political organizations, the release of NSA hacking tools shows how American spies use digital tools to carry out espionage.
WikiLeaks tweeted Tuesday that it has already received a trove of NSA’s cyber weapons.
A group of mysterious hackers recently claimed to have broken into the systems of another hacking group with suspected links to the National Security Agency, and the attackers are now attempting to auction off the cyber superweapons they said they found.
As is typical in such cases, the true identity of whoever put the tools online remains hidden. What does this mean for my security?
USA officials have yet to comment on the record about the legitimacy of the hack or who was ultimately behind it.
But secondly, the leak raises questions about how the government handles zero-day vulnerabilities.
Advertisement
The company said in a blog post that the other vulnerability was fixed in 2011.
