Shadow Brokers crack open NSA hacking tool cache for world+dog

Daaaamn, these exploits are old-school

By John Leyden

Posted in Storage, 10th April 2017 11:39 GMT

The self-styled Shadow Brokers group has made a collection of NSA hacking tools and exploits publicly available.

The group released a password for their archive, making it available to all and sundry. They (unsuccessfully) attempted to auction off the trove last year.

In a (ranty) statement, Shadow Brokers said it was making the 2013 vintage hacking tools available as a protest against President Trump "abandoning" his base by bombing Syria in the wake of a chemical weapons attack on civilians, among other things.

Shadow Brokers made its name hawking exploits and vulnerabilities sourced from the Equation Group. Documents leaked by intelligence whistleblower Edward Snowden provide persuasive evidence that hacking tools previously leaked by the Shadow Brokers included malware and exploits that began life at the signals intelligence agency. Shadow Brokers said it was quitting back in January and released 58 Windows tools by way of a parting gift.

The latest leak includes a list of NSA targets alongside details of the implants deployed against them. Some of these targets involve systems of US allies, in Western Europe and elsewhere, such as universities. This is consistent with the NSA's practice of hacking anything and everything.

More damagingly, the leak implies that the US government concealed knowledge of a critical weakness in Linux systems.

Most of the exploits are old, so it may be that the Shadow Brokers are either holding back on releasing the "good stuff" or never had it in the first place.

Snowden commented: "Quick review of the #ShadowBrokers leak of Top Secret NSA tools reveals it's nowhere near the full library, but there's still so much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can't, it's a scandal." ®
