Who's hacking the hackers? NSA-affiliated group supposedly compromised by cyber-attacks

A supremely realistic depiction of hackers

The NSA has become infamous for not only spying on a good portion of the world’s population, but also for exploiting security flaws and tech vulnerabilities for its own purposes. Now a group of hackers claim to have infiltrated some NSA-affiliated systems, and to have gained access to a treasure-trove of hacking tools and exploits.

A group calling themselves Shadow Brokers, have supposedly managed to indirectly infiltrate the NSA, an extraordinary claim by all accounts. They claim to have accessed a network used by the “Equation Group”, a hacking group affiliated with the NSA, with ties to Stuxnet and Flame. The Shadow Brokers group posted a series of screenshots, which were later removed, and a number of files they claim they got off the Equation Group network.

According to security experts, quoted by Ars Technica, the files posted by the hackers are “not fully fake”, meaning this doesn’t look like an elaborate hoax – though it may still be one. That’s according to one researcher who explained he believes the files are genuine and said: “Most likely they are part of the NSA toolset, judging just by the volume and peeps into the samples [...] and yes, the first guess would be Equation Group.”

Other researchers pointed to some of the IPs leaked in the files, one of which belonged to the Department of Defense. Among the files leaked, there seem to be exploits, implants and tools for breaching firewalls or routers. That being said, the most recent files are from 2013, leading some researchers to believe that the hackers did not actually get to the Equation Group, but instead infiltrated one of the command and control (C&C) servers that the Equation Group had used.

The hackers claim they have a lot more files which are supposedly up for sale, with an asking price of one million Bitcoins, which is around $500 million. Researchers doubt the group is actually looking to sell the data – instead they believe this operation, which could still prove to be a false-flag op, was meant to embarrass and provoke the NSA, and by extension the US government.

Source: Ars Technica | Hacker image via Shutterstock

Report a problem with article
d.va_overwatch
Next Article

Huge changes are coming to Competitive Play in Season 2 of Overwatch

gear-s2_movement
Previous Article

Samsung teases Gear S3 smartwatch reveal, sets unveiling date for August 31st

6 Comments - Add comment

Advertisement