
The files don’t appear to contain any identifying data nor do they clearly point to any single agent in the field. The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. The hackers have received a little over a bitcoin in their online wallet and no one has come forward to pay for the “best files.” As for the auction the Equation Group will release the files to the highest bidder and they promise the files are “better than stuxnet,” a virus used to slow down Iran’s nuclear enrichment programs. Snowden suggests that all of these files were on a staging server somewhere within the Equation Group servers and by admitting they scoured the Group’s “source range” we learn that the Shadow Brokers found one Equation Group server and methodically tried IP addresses in that range. While a folder of files isn’t as exciting as, say, a whirring, clicking magic hacking machine we’d see in the movies, this is the stuff an agent would download, use, and delete when trying to take control of a server. These are, however, the files that an NSA agent would use if they were trying to hack your server. Without training, however, it is not clear if any of the files are particularly dangerous on their own. Some of the files – BANANAGLEE, for example – appeared in the leaked Snowden files which suggests the files are real and sourced from the NSA’s own servers. The “free” files are all dated from the Summer of 2013 which suggests they aren’t completely up to date and they contain fairly innocuous-looking tools with ominous names like “eligiblebombshell” and “escalateplowman.” Most of these are human-readable and written in Python or shell script although there are some compiled binaries. These are hacking tools including RATs – or remote access Trojans – and exploits designed to attack web and file servers. What Does It Mean? First, we need to understand what these files are and what they do. 
Snowden suggests that the hackers were Russian although the simplistic grammar above could be a cover. But not all, we are auction the best files. This is good proof no? You enjoy!!! You break many things. We give you some Equation Group files free, you see.

We find many many Equation Group cyber weapons.
Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. How much you pay for enemies cyber weapons? Not malware you find in networks. It is yet unclear how these files can be used to damage networked computers although I’m sure there is something of value in the trove.
From my cursory inspection the files look to be more functional than damaging and show NSA hackers how to quickly deploy their tools and then close infiltrations without a trace. The “free” file contains many staging programs designed to inject malware into various servers. They’ve also released images of the file tree containing a script kiddie-like trove of exploits ostensibly created and used by the NSA as well as a page calling out cyber warriors and “Wealthy Elites.” The page also contains links to the two files, both encrypted. Wikileaks has said they already own the “auction” files and will publish them in “due course.” The Shadow Brokers published two chunks of data, one “open” chunk and another encrypted file containing the “best files” that they will sell for at least $1 million. In what Edward Snowden deems “not unprecedented,” hackers calling themselves the Shadow Brokers have collected NSA-created malware from a staging server run by the Equation Group, an internal hacking team.
