It seems like the NSA has been HACKED!
Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here.
An unknown hacker or a group of hackers just claimed to have hacked into "Equation Group" -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online.
I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate.
Not just this, the hackers, calling themselves "The Shadow Brokers," are also asking for 1 Million Bitcoins (around $568 Million) in an auction to release the 'best' cyber weapons and more files.
Also Read: Links Found between NSA, Regin Spy tool and QWERTY Keylogger
Widely believed to be part of the NSA, Equation Group was described as "a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades," according to a report published by security firm Kaspersky in 2015.
Equation Group was also linked to the previous infamous Regin and Stuxnet attacks, allegedly the United States sponsored hacks, though the link was never absolutely proven.
Two days back, The Shadow Brokers released some files, which it claimed came from the Equation Group, on Github (deleted) and Tumblr.
The files mostly contained installation scripts, configurations for command-and-control (C&C) servers, and exploits allegedly designed to target routers and firewalls from American manufacturers including, Cisco, Juniper, and Fortinet.
According to the leaked files, Chinese company 'Topsec' was also an Equation Group target.
The leak mentioned names of some of the hacking tools that correlate with names used in the documents leaked by whistleblower Edward Snowden, like "BANANAGLEE" and "EPICBANANA."
"I haven't tested the exploits, but they definitely look like legitimate exploits," Matt Suiche, founder of UAE-based cyber security firm Comae Technologies, told the Daily Dot.
Also Read: NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware
While some are saying that the leak could be a very well-researched hoax, and the Bitcoin auction could be nothing but a distraction in an attempt to gain media attention.
Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here.
Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here.
An unknown hacker or a group of hackers just claimed to have hacked into "Equation Group" -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online.
I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate.
Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data
Not just this, the hackers, calling themselves "The Shadow Brokers," are also asking for 1 Million Bitcoins (around $568 Million) in an auction to release the 'best' cyber weapons and more files.
Also Read: Links Found between NSA, Regin Spy tool and QWERTY Keylogger
Widely believed to be part of the NSA, Equation Group was described as "a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades," according to a report published by security firm Kaspersky in 2015.
Equation Group was also linked to the previous infamous Regin and Stuxnet attacks, allegedly the United States sponsored hacks, though the link was never absolutely proven.
Two days back, The Shadow Brokers released some files, which it claimed came from the Equation Group, on Github (deleted) and Tumblr.
Exploits for American & Chinese Firewalls Leaked:
The files mostly contained installation scripts, configurations for command-and-control (C&C) servers, and exploits allegedly designed to target routers and firewalls from American manufacturers including, Cisco, Juniper, and Fortinet.
According to the leaked files, Chinese company 'Topsec' was also an Equation Group target.
The leak mentioned names of some of the hacking tools that correlate with names used in the documents leaked by whistleblower Edward Snowden, like "BANANAGLEE" and "EPICBANANA."
"We follow Equation Group traffic," says the Shadow Broker. "We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files."It is yet not confirmed whether the leaked documents are legitimate or not, but some security experts agree that it likely is.
"I haven't tested the exploits, but they definitely look like legitimate exploits," Matt Suiche, founder of UAE-based cyber security firm Comae Technologies, told the Daily Dot.
Also Read: NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware
While some are saying that the leak could be a very well-researched hoax, and the Bitcoin auction could be nothing but a distraction in an attempt to gain media attention.
"If this is a hoax, the perpetrators put a huge amount of effort in," security researcher The Grugq told Motherboard. "The proof files look pretty legit, and they are exactly the sorts of exploits you would expect a group that targets communications infrastructure to deploy and use."However, if NSA has successfully been hacked, the hack would be a highly critical cyber security incident.
Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here.