SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    "The Shadow Brokers" Claim to Have Hacked NSA
Date    Monday August 15 2016, @11:55PM
Author    n1
from the all-the-hats dept.
https://soylentnews.org/article.pl?sid=16/08/15/2251226

takyon writes:

A group is claiming that they hacked the NSA and obtained advanced malware and hacking tools (such as Stuxnet):

A mysterious hacker or hackers going by the name "The Shadow Brokers" claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

"Attention government sponsors of cyber warfare and those who profit from it!!!!" the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr. "How much you pay for enemies cyber weapons? [...] We find cyber weapons made by creators of stuxnet, duqu, flame."

The hackers referred to their victims as the Equation Group, a codename for a government hacking group widely believed to be the NSA.

Also at Computerworld:

The whole episode screams elaborate SCAM, but maybe it is legit as Twitter chatter by some security experts seems to lean toward believing it. On the flipside, it doesn't appear as if many trust it enough yet to have coughed up bitcoins. Other hackers are suggesting the auction is made up of really old vulnerabilities; this is partially based on the "free" files being offered by Shadow Broker as proof of hacking the Equation Group. Or it could be a mix, old and new, to keep everyone off-balance. Another oddity, pointed out in a Pwn All The Things tweet, is that the "free sample" file size is actually larger than the auction file size.

Yet security pro Matt Suiche dived into the free files offered by Shadow Broker, then took to Medium to say, "Most of the code appears to be batch scripts and poorly coded Python scripts. Nonetheless, this appears to be legitimate code." Suiche said the main targets in the dump he reviewed "appeared to be Fortigate, TopSec, Cisco and Juniper firewalls." He described some of the codenamed exploits such as Eligible Bachelor, Extra Bacon and Banana Glee. The latter, he pointed out, is "particularly interesting because it allows references to the JETPLOW explanation from the 2014 NSA's Tailored Access Operations (TAO) catalog."


Original Submission

Links

  1. "takyon" - https://soylentnews.org/~takyon/
  2. "claiming that they hacked the NSA" - https://motherboard.vice.com/read/hackers-hack-nsa-linked-equation-group
  3. "The Shadow Brokers" - https://twitter.com/shadowbrokerss
  4. "manifesto" - https://archive.is/rdYpc#selection-623.1-623.84
  5. "GitHub" - https://github.com/theshadowbrokers/EQGRP-AUCTION
  6. "Tumblr" - https://theshadowbrokers.tumblr.com/
  7. "Equation Group" - http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/
  8. "Computerworld" - http://www.computerworld.com/article/3107310/security/hacking-group-purportedly-hacked-nsa-linked-equation-group-auctioning-cyber-weapons.html
  9. "SCAM" - https://twitter.com/Timo_Steffens/status/765162662091223044
  10. "bitcoins" - https://blockchain.info/address/19BY2XCgbDe6WtTVbTyzM9eR3LYr6VitWK
  11. "tweet" - https://twitter.com/pwnallthethings/status/765195134136946688
  12. "Matt Suiche" - https://twitter.com/msuiche
  13. "say" - https://medium.com/@msuiche/shadow-brokers-nsa-exploits-of-the-week-3f7e17bdc216
  14. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=15321
