Stories
Slash Boxes
Comments

SoylentNews is people

posted by n1 on Monday August 15 2016, @11:55PM   Printer-friendly
from the all-the-hats dept.

A group is claiming that they hacked the NSA and obtained advanced malware and hacking tools (such as Stuxnet):

A mysterious hacker or hackers going by the name "The Shadow Brokers" claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

"Attention government sponsors of cyber warfare and those who profit from it!!!!" the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr. "How much you pay for enemies cyber weapons? [...] We find cyber weapons made by creators of stuxnet, duqu, flame."

The hackers referred to their victims as the Equation Group, a codename for a government hacking group widely believed to be the NSA.

Also at Computerworld:

The whole episode screams elaborate SCAM, but maybe it is legit as Twitter chatter by some security experts seem to lean toward believing it. On the flipside, it doesn't appear as if many trust it enough yet to have coughed up bitcoins. Other hackers are suggesting the auction is made up of really old vulnerabilities; this is partially based on the "free" files being offered by Shadow Broker as proof of hacking the Equation Group. Or it could be a mix, old and new, to keep everyone off-balance. Another oddity, pointed out in a Pwn All The Things tweet, is that the "free sample" file size is actually larger than the auction file size.

Yet security pro Matt Suiche dived into the free files offered by Shadow Broker, then took to Medium to say, "Most of the code appears to be batch scripts and poorly coded Python scripts. Nonetheless, this appears to be legitimate code." Suiche said the main targets in the dump he reviewed "appeared to be Fortigate, TopSec, Cisco and Juniper firewalls." He described some of the codenamed-exploits such as Eligible Bachelor, Extra Bacon and Banana Glee. The latter, he pointed out, is "particularly interesting because it allows references to the JETPLOW explanation from the 2014 NSA's Tailored Access Operations (TAO) catalog."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by FatPhil on Tuesday August 16 2016, @08:25AM

    by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Tuesday August 16 2016, @08:25AM (#388615) Homepage
    All the words are correct, all the grammar's messed up - and looks Slavglish to me.

    Sure, there are spelling checkers to fix words, but with the level of English demonstrated by the grammar you almost always end up with homonym (specifically heterograph) issues which are seemingly absent, and the vocabulary wouldn't necessary be so extensive. So I hypothesise that the grammar of the text was deliberately worsenned before release in order to give it a more exotic, and sinister, character.

    However, the things that will determine how fake they are are the answers to "how much of this stuff is new?" - are they just rebundling old stuff - and "how much of this is useful?" which will require the insights of those who know about the targets of the hacks. However, bundling CVEs from 2006 doesn't sound particularly groundbreaking.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    Starting Score:    1  point
    Moderation   +3  
       Insightful=1, Interesting=2, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5