In August, anonymous hacker(s) dumped a cache of cyberweapons that appeared to originate with The Equation Group, an elite, NSA-affiliated hacking squad.
The leakers called themselves The Shadow Brokers, and they sought bTc1,000,000 for access to the remainder of The Equation Group's files. Earlier this month, arrested NSA contractor Harold Thomas Martin was accused of being the source of the leak to The Shadow Brokers, though not necessarily deliberately (he may have been hacked by The Shadow Brokers).
The Shadow Brokers have had no takers for their auction, and so they're now dumping more files, presumably to stir up interest.
The new leak purportedly reveals IP addresses of NSA controlled servers in 49 countries that are used to launch offensives against NSA targets. If the leaks are to be believed, they show that the NSA uses hacked servers in China and Russia to attack other countries.
The dump contains some 300 folders of files, all corresponding to different domains and IP addresses. Domains from Russia, China, India, Sweden, and many other countries are included. According to an analysis by the security researcher known as Hacker Fantastic, the dump contains 306 domains and 352 IP addresses relating to 49 countries in total.
If accurate, victims of the Equation Group may be able to use these files to determine if they were potentially targeted by the NSA-linked unit. The IP addresses may relate to servers the NSA has compromised and then used to deliver exploits, according to security researcher Mustafa Al-Bassam.
“So even the NSA hacks machines from compromised servers in China and Russia. This is why attribution is hard,” Al-Bassam tweeted on Monday.
Message#5 — Trick or Treat?
[The Shadow Brokers/Medium]
NSA Hackers The Shadow Brokers Dump More Files
In the 1970s, the Soviets managed to intercept top secret communications in the US embassy in Moscow and nobody could figure out how. While an antenna was eventually found hidden in the embassy’s chimney, it took years to determine how what data was being collected for transmission and how. As a last resort, all equipment […]
The Cyber Independent Testing Lab is a security measurement company founded by Mudge Zadko (previously), late of the Cult of the Dead Cow and l0pht Heavy Industries and the NSA's Tailored Access Operations Group; it has a unique method for assessing the security of devices derived from methods developed by Mudge at the NSA.
Well, pretty much everyone saw this lawsuit coming.
You’d be surprised anyone would have to say this, but…there are plenty of items that don’t belong in a suitcase. Like a bag of dead birds. No, really…people are actually packing bags of small dead birds into their luggage these days. Look, we can’t tell you how to pack. That’s your business. But we can […]
Presidents’ Day and VPNs may not be a natural fit at first glance. But think about it for a minute. George Washington and Abraham Lincoln were both American presidents whose legacies are forever tied with liberty and freedom. And what is a VPN service if not absolute web liberty and freedom for all your digital […]
You hear the stories all the time. You know the ones about how a new vehicle instantly loses hundreds, even thousands of dollars in value the second a new owner drives it off the lot. Depreciation is a killer, especially when the item itself works just as well — or maybe even better than all […]