nsa NSA's Hacking Group Hacked! Bunch of Private Hacking Tools Leaked Online

[vissha]

NSA's Hacking Group Hacked! Bunch of Private Hacking Tools Leaked Online

 

 

It seems like the NSA has been HACKED!

An unknown hacker or a group of hackers just claimed to have hacked into "Equation Group" -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online.

I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate.

Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data

Not just this, the hackers, calling themselves "The Shadow Brokers," are also asking for 1 Million Bitcoins (around $568 Million) in an auction to release the 'best' cyber weapons and more files.

Widely believed to be part of the NSA, Equation Group was described as "a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades," according to a report published by security firm Kaspersky in 2015.

Equation Group was also linked to the previous infamous Regin and Stuxnet attacks, allegedly the United States sponsored hacks, though the link was never absolutely proven.

Two days back, The Shadow Brokers released some files, which it claimed came from the Equation Group, on Github (deleted) and Tumblr.
 

Exploits for American & Chinese Firewalls Leaked:

The files mostly contained installation scripts, configurations for command-and-control (C&C) servers, and exploits allegedly designed to target routers and firewalls from American manufacturers including, Cisco, Juniper, and Fortinet.

According to the leaked files, Chinese company 'Topsec' was also an Equation Group target.

The leak mentioned names of some of the hacking tools that correlate with names used in the documents leaked by whistleblower Edward Snowden, like "BANANAGLEE" and "EPICBANANA."

 

Quote

"We follow Equation Group traffic," says the Shadow Broker. "We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files."

 

It is yet not confirmed whether the leaked documents are legitimate or not, but some security experts agree that it likely is.

"I haven't tested the exploits, but they definitely look like legitimate exploits," Matt Suiche, founder of UAE-based cyber security firm Comae Technologies, told the Daily Dot.

While some are saying that the leak could be a very well-researched hoax, and the Bitcoin auction could be nothing but a distraction in an attempt to gain media attention.

 

Quote

"If this is a hoax, the perpetrators put a huge amount of effort in," security researcher The Grugq told Motherboard. "The proof files look pretty legit, and they are exactly the sorts of exploits you would expect a group that targets communications infrastructure to deploy and use."

 

However, if NSA has successfully been hacked, the hack would be a highly critical cyber security incident.

 

Source

[SPECTRUM]

[straycat19]

Sorry I don't believe it.  The released tools are old and could have come from anywhere.  A lot of people have written about Equation but there has never been any definitive proof of anything that was written.  Send me a million bitcoins and I will send you Equation files that were written in the last three days.  Below is a sample but you have to be smart enough to decode it. 

 

If you are interested in this crap though you can get more info at

http://pastebin.com/NDTU5kJQ

 

[pc71520]

9 hours ago, vissha said:

The NSA has been HACKED!

It looks like a joke...

[Holmes]

Im not saying I believe the nsa got hacked I dont believe anything stray says now.  He has never shown any proof of what he can do he says he can do it thats all he can talk the talk he hasnt shown if he can walk the walk.

[humble3d]

BELIEVE IT OR NOT...

 

NSA hacking tools were leaked online

 

The NSA Leak Is Real, Snowden Documents Confirm

https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/

 

A cache of powerful hacking tools used by the National Security Agency have leaked online in what could be the biggest blow to the agency since 2013, when Edward Snowden came forward with documents that exposed the scope of its surveillance capabilities.

The leak raises new questions about how the NSA uses its offensive hacking ability and whether its approach ultimately leaves everyday users, not just the agency's targets, at risk.

Here's what you need to know about the leak:

What happened?

 

Over the weekend, a group calling itself the Shadow Brokers posted online what it claims is a trove of malware used by the Equation Group — a code name for hackers that cybersecurity researchers have linked to the NSA.

The 300-some megabytes of information appear to date to 2013 and is allegedly just a free taste of a larger trove that the Shadow Brokers will release once a digital "auction" for the information is held.

The group is asking for 1 million bitcoins — or about a half-billion dollars — before they will let it all loose. However, many experts are skeptical of the auction.

 

"It’s designed to distract.

It’s total nonsense," Nicholas Weaver, a computer security researcher at the University of California at Berkeley, told The Washington Post's Ellen Nakashima.

Weaver said bitcoin "is so traceable that a Doctor Evil scheme of laundering $1 million, let alone $500 million, is frankly lunacy."

What do these tools actually do?

The files contain what appears to be part of a sophisticated cyber arsenal.

Among the digital weapons are "exploits" — hard-to-develop tools used for penetrating and taking over firewalls made by companies, such as Cisco and Fortinet, that are commonly used to protect computer networks.

There are also "implant" tools that can help hackers do things like siphon out or modify information on a system once they've broken in.

Several of the tools relied on previously unknown — or "zero-day" — bugs in software that appear to remain vulnerable now.

How sure are we that these tools actually belonged to the NSA?

 

They seem pretty legit.

Although the NSA is staying mum, former NSA hackers told The Post that they appeared legitimate — as have other outside experts.

 Some file names from the cache also match up with programs or tools previously referenced in Snowden's revelations.

 

"Faking this information would be monumentally difficult, there is just such a sheer volume of meaningful stuff,” Weaver told The Post.

But it's not clear that the NSA at large was hacked. Instead, an NSA operator may have mistakenly uploaded a full tool set to a proxy server that the agency used to carry out infiltrations, experts told The Post.

So who are these Shadow Brokers?

The group's name appears to be a reference to a character in the "Mass Effect" video games who sells off information to the highest bidder.

But many, including Weaver and Snowden, say Russia is behind the leak.

While there's no hard evidence connecting Russia to the data as of now, on Twitter, Snowden argued that Russia may have released the cache to wave the U.S. government away from officially blaming hacks against the Democratic National Committee and other political organizations on the country.

Putting the tools out there "is likely a warning that someone can prove U.S. responsibility for any attacks that originated from" the server that hosted them, he said.

That could have major diplomatic fallout if, for instance, the tools were linked to spying on U.S. allies, Snowden argued.

WikiLeaks also tweeted that it had a full copy of the NSA tools cache that it would soon put up online, which may bolster the Russia theory.

WikiLeaks posted Democratic National Committee files online last month, which many suspect came from Russian cyberattacks on the party organization.

Are the tools still out there online?

What does this mean for my security?

The Switch newsletter

The day's top stories on the world of tech.

Yes. The Shadow Brokers put the files online in a few different ways, including using a peer-to-peer file sharing method called bittorrent — which makes it very hard, if not impossible, to delete them from the Web.

That's bad news for user security:

For one, these tools are now available to criminal hackers.

But secondly, the leak raises questions about how the government handles zero-day vulnerabilities.

There's an official process called an equities review that the government uses to weigh when it will tell software makers about security problems it discovers in their products.

But the exact process is murky — and critics of the NSA have long suspected that the agency hoards undisclosed vulnerabilities to use in its information-gathering efforts.

The reliance on zero-day bugs that remain unpatched today by the leaked tools suggest that the agency sat on problems for years.

When those problems go unfixed, it leaves everyday people vulnerable because other hackers might find and exploit the same issues.

This new leak seems to prove that other people can find the same vulnerabilities as the NSA — and in some cases, even gain access to the same tools the agency uses to exploit them.

 

https://www.washingtonpost.com/news/the-switch/wp/2016/08/17/nsa-hacking-tools-were-leaked-online-heres-what-you-need-to-know/

ALSO REPORTED BY MAINSTREAM MEDIA...