Shadow Brokers crack open NSA hacking tool cache for world+dog

Daaaamn, these exploits are old-school

By John Leyden

The self-styled Shadow Brokers group has made a collection of NSA hacking tools and exploits publicly available.

The group released a password for their archive, making it available to all and sundry. They (unsuccessfully) attempted to auction off the trove last year.

In a (ranty) statement, Shadow Brokers said it was making the 2013 vintage hacking tools available as a protest against President Trump "abandoning" his base by bombing Syria in the wake of a chemical weapons attack on civilians, among other things.

Shadow Brokers made its name hawking exploits and vulnerabilities sourced from the Equation Group. Documents leaked by intelligence whistleblower Edward Snowden provide persuasive evidence that hacking tools previously leaked by the Shadow Brokers included malware and exploits that began life at the signals intelligence agency. Shadow Brokers said it was quitting back in January and released 58 Windows tools by way of a parting gift.

The latest leak includes a list of NSA targets alongside details of the implants deployed against them. Some of these targets involve systems, such as those of universities, belonging to US allies in Western Europe and elsewhere. This is consistent with the NSA's practice of hacking anything and everything.

More damagingly, the leak implies that the US government concealed knowledge of a critical weakness in Linux systems.

Most of the exploits are old, so it may be that the Shadow Brokers are either holding back on releasing the "good stuff" or never had it in the first place.

Snowden commented: "Quick review of the #ShadowBrokers leak of Top Secret NSA tools reveals it's nowhere near the full library, but there's still so much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can't, it's a scandal." ®
