18 April 2017

With no bids, hacking group leaks NSA surveillance tools

By Tom Brant, PCMag

This Thursday, June 6, 2013 file photo shows the National Security Administration (NSA) campus in Fort Meade, Md. (AP Photo/Patrick Semansky, File) 

Unable to attract the millions of dollars for which they were hoping to sell their trove of purported government surveillance tools, the hacking group Shadow Brokers released it online for free this week.

In a rambling post on Medium using broken English, the group said that after failing to auction their findings, their dislike of President Donald Trump motivated them to leak the tools for free.

The trove apparently includes software exploits that the National Security Administration developed for electronic surveillance, according to experts who have reviewed it. It includes a list of NSA targets and the specific implants installed, including their IP addresses, according to security consultant Kevin Mitnick.

This is interesting. A list of NSA targets and the specific implants installed (IP address included). https://t.co/d0A950lD3t#ShadowBrokers

— Kevin Mitnick (@kevinmitnick) April 9, 2017

Arrigo Triulzi, co-founder of security firm K2 Defender, noted on Twitter that some of the tools are antiquated and were targeted at obscure computer configurations. They include some DEC Alpha-powered machines, he said, an HP computing architecture that hasn’t been sold since 2007.

Shadow Brokers leaked some details of their trove last fall, including NSA-style code names like “Jackladder” and “Dewdrop.” The source of their trove appears to be the Equation Group, a separate hacking organization with ties to the NSA.

Named after its penchant for encryption algorithms, Equation Group has hacked targets in more than 30 countries — including Iran, Russia, Pakistan, Afghanistan, India, and China, according to security firm Kaspersky. Its focus is on government, nuclear research, military, and nanotechnology organizations, as well as companies developing cryptographic technologies.

The Shadow Brokers group tried to auction their catalog of exploits for more than $7 million in bitcoin, but the most the group received was a $9,000 offer earlier this year, according to CyberScoop.

This article originally appeared on PCMag.com.

No comments: