The malevolent organization touts that it has unreleased exploits, and it even organized a Bitcoin auction to sell these to the highest bidder. “It’s total nonsense”, Nicholas Weaver, a computer security researcher at the University of California at Berkeley, told The Washington Post’s Ellen Nakashima.
Advertisement
Almost all the files, however, appear to be newer than June 2013, suggesting that “Shadow Broker” may have lost access to NSA files around then. “We knew that the NSA is a department of humans using technology, which means they are vulnerable to mistakes and attacks like all other humans using technology”.
The flaws are originally thought to have come from a hacking collective called Equation Group, which has close ties to the NSA. We hack Equation Group. Kaspersky has found encryption algorithms among more than 300 files in the Shadow Brokers’ cache used in a way that has only been seen before in Equation Group malware.
The documents released by The Intercept also note that the program was successfully used to spy on systems in both Pakistan and Lebanon.
But many, including Weaver and Snowden, say Russian Federation is behind the leak.
“This leak is likely a warning that someone can prove USA responsibility for any attacks that originated from this malware server”, Snowden said.
Former NSA contractor Snowden gave credence to the hack in a series of tweets on Tuesday, August 17, going as far as to suggest that the attack on the the USA intelligence agency’s malware server was state-backed.
The stolen cybersurveillance tools might help foreign governments do forensics on their own computer systems to determine whether they have been targets of USA surveillance efforts, a potentially embarrassing development for Washington.
WikiLeaks also tweeted that it had a full copy of the NSA tools cache that it would soon put up online, which may bolster the Russian Federation theory.
The hackers over the weekend posted two sets of files, one that is freely accessible and another that remains encrypted.
Advertisement
They said they would release this additional information subject to raising one million Bitcoins – digital currency, in this case worth about $575 million – through an online auction. A zero day exploit is a security vulnerability that is unknown to the organisation creating the hardware or software with the vulnerability. This is how the agency can steal rival hacking tools, and it can lurk undetected on these servers for years. “Most likely they are part of the NSA toolset, judging just by the volume and peeps into the samples”.
