Slashdot Mirror


Hackers Claim To Be Selling NSA Cyberweapons In Online Auction (dailydot.com)

Reader blottsie writes: A group of hackers identifying themselves as the Shadow Brokers claims to have hacked the NSA's Equation Group, a team of American hackers that have been described as both "omnipotent" and "the most advanced" threat cyberspace has ever seen. On the Shadow Brokers' website, the group has shared a sample of data that some cybersecurity experts say lends credibility to the breach. The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons. Motherboard's take on this is here.

88 comments

  1. One thing to say... by poofmeisterp · · Score: 4, Insightful

    Honeypot (if it's real).

    1. Re:One thing to say... by eyenot · · Score: 2

      yeah, my first thought was "this is a great way to attempt to catch some potentially very malicious people".

      but then i thought, "it would be great if this code got into the hands of the security crowd".

      --
      "Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
    2. Re:One thing to say... by PolygamousRanchKid+ · · Score: 1

      Honeypot (if it's real).

      Well, I was thinking, if it is real, the highest bidder will be the NSF itself. So the FBI and CIA could chase them down.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:One thing to say... by Anonymous Coward · · Score: 0
    4. Re:One thing to say... by Anonymous Coward · · Score: 0

      The National Science Foundation?

      mkay...

      NS*. How about that?

    5. Re:One thing to say... by Anonymous Coward · · Score: 0

      https://translate.google.com/t...

      Google translate just in case.

    6. Re:One thing to say... by Anonymous Coward · · Score: 0

      5 words to say : "Snowden came in his pants."

    7. Re:One thing to say... by Anonymous Coward · · Score: 0

      If the Shadow Brokers were for real, then they would have begun a Kickstarter campaign to fund the NSA hack.
      But they didn't because they knew they were pulling a scam, and scam Kickstarter campaigns always have to give the money back.

  2. Old news by Anonymous Coward · · Score: 1

    The NSA has had rootkits in it for years. It's funny how arrogant they think they are :)

    1. Re:Old news by mcswell · · Score: 1

      and you know this how?

    2. Re:Old news by Anonymous Coward · · Score: 0

      The NSA has had rootkits in it for years. It's funny how arrogant they think they are :)

      and you know this how?

      And for years to come, someone will link to the AC's post as "proof" the NSA was rooted.

  3. Sure, sure... by Anonymous Coward · · Score: 0

    I'll just slot the Flatline ROM and let him take on that ICE.

  4. I hope.... by TheCarp · · Score: 4, Insightful

    Whoever wins the auction releases every single bit of it to the public with no redaction whatsoever.

    There should be a collective public bid available, I would pledge a couple of btc to the public bid if there was a credible one. I would consider it penance for the taxes I paid to create the originals.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:I hope.... by TheCarp · · Score: 1

      Even if there was only a small chance of it being true, it would still be a better chance than there is now of the enemies of freedom having their tools leaked, so I will take a small chance over none.

      --
      "I opened my eyes, and everything went dark again"
    2. Re:I hope.... by Tharkkun · · Score: 1

      Even if there was only a small chance of it being true, it would still be a better chance than there is now of the enemies of freedom having their tools leaked, so I will take a small chance over none.

      You're assuming they don't leak them anyways after receiving their ransom payment.

    3. Re:I hope.... by TheCarp · · Score: 1

      Do you even have a point? Yes, there is some reason to doubt this one. However, it's well crafted if it's fake. Well crafted enough to be worth a hell of a lot more than your bridge proposal.

      Weak try really.

      --
      "I opened my eyes, and everything went dark again"
    4. Re:I hope.... by Anonymous Coward · · Score: 0

      Some reason to doubt an exposé of the internals of the alpha-bet soup crowd?

      There is EVERY reason to doubt that sort of thing :)

      So much so, that using it as fodder for jokes is the only way to prevent getting drug into a fool's game

    5. Re:I hope.... by TheCarp · · Score: 1

      Not really. Either way I am getting what I want right? I have no qualms about paying them for the public release. Sure, I would prefer they do it for ideological reasons but, everybody needs to eat and operational costs can be real, never mind the time they put in.

      I mean, why would I make such a specific assumption without any suggestion that it's what they would do; esp when they say explicitly it's something they won't do, even if the winning bidder asks them to, right in their FAQ, leaving the task of any release to the winner himself quite explicitly.

      Plus, if you read the stratfor leaks, you would know the intelligence community has evaluated ideologues under the heading "Patriot": "A source who is betraying his country for ideological, religious, patriotic or other unreliable beliefs. Very dangerous person. He could change his mind."

      So, overall, I guess you would say, I hope they are ideologues because they might change their mind and release the info anyway. However, I doubt they are, as even if they think they are, if it's real, they have to know this they struck gold and that has a tendency to change motivations.

      In fact, the only things I hope are not true: 1. I hope this isn't fake. 2. I hope the NSA or some other secret group doesn't win. and 3. If 1 pans out, and 2 doesn't, I hope this group is ideological enough to change their mind and release anyway.

      Good news is, if it is real, it only takes one member to decide to change his mind later.... dare to dream....

      --
      "I opened my eyes, and everything went dark again"
    6. Re:I hope.... by Anonymous Coward · · Score: 0

      Ask yourself... if somebody gained access to the keys of the kingdom, then why would they clue anybody in to that, when they could be grabbing dimes from 100 million sources and be rich with nobody else the wiser?

      It is much more likely that somebody wants to create a potential source for a leak without coming under suspicion for being the leak

    7. Re:I hope.... by Anonymous Coward · · Score: 0

      Every reason indeed to doubt that they could ever have their internals exposed.

      I mean, it's not like Edward Snowden ever existed, eh?

    8. Re:I hope.... by chuckugly · · Score: 1

      It seems like a lot of the potential value is not in recovering the lost information so much as trying to use it to assess what has and has not been compromised and what the original source was, if that is not already known. I don't think there is any chance of putting those particular cats back in the bag, but an inventory would be useful even if it's incomplete.

    9. Re: I hope.... by Anonymous Coward · · Score: 0

      Dragged. You dragged your knuckles, not drug.

      You could also just ignore it rather than pretending to not care. I fail to see how ignoring this would drag you into anything.

      But you know, shills gonna shill.

    10. Re: I hope.... by Anonymous Coward · · Score: 0

      You remind me of Klaus Fuchs. How did that work out having Russia be on equal footings?

    11. Re: I hope.... by Anonymous Coward · · Score: 0

      Of course, because you'll always be able to outbid.. y'know.. The government that actually prints the money.

    12. Re: I hope.... by TheCarp · · Score: 1

      "Fuchs's espionage likely led the U.S. to cancel a 1950 Anglo-American plan to give Britain American-made atomic bombs"

      Sounds like it worked out ok. Can't think of a better plan to scuttle than warmongers sharing their toys.

      Too bad the internet didn't exist so he couldn't have given this gift directly to the public.

      --
      "I opened my eyes, and everything went dark again"
    13. Re:I hope.... by Anonymous Coward · · Score: 0

      Even if there was only a small chance of it being true, it would still be a better chance than there is now of the enemies of freedom having their tools leaked, so I will take a small chance over none.

      The NSA is an enemy of freedom. Who are you referring to?

    14. Re:I hope.... by TheCarp · · Score: 1

      Sorry I missed your Query. Yes the NSA, the poorly named "National Security Agency".

      Where to even begin. First of all, they spy on us, and when unable to do so legally, farm it out to external resources who can. This is a clear violation of privacy rights, but more than that, has a chilling effect on free speech.

      They know about software flaws that put us at risk to abuse by third parties, yet keep those hidden so that people like them can abuse those flaws to gain unauthorized access to private information and infrastructure.

      They are the enemies of any person who cares about liberty and the abuse of power by individuals with deep pockets.

      --
      "I opened my eyes, and everything went dark again"
  5. Re:auction by Anonymous Coward · · Score: 0

    $0.05 has been deposited in your account.

  6. Equation = L0pht by Anonymous Coward · · Score: 0

    We finally get to see some new wares from L0pht!

  7. Let's Face It by Anonymous Coward · · Score: 5, Insightful

    It doesn't matter if Equation Group is part of the NSA, or if these tools come from Equation Group, or whatever. Just so long as these are real hacking tools used by any state agency, from any country, this puts the final nail in the coffin. Not that most of us needed that final nail.

    The coffin being, "oh just create an encryption/security back door so that legitimate law enforcement can access it. You don't support child molesters and terrorists do you?"

    Everybody. Gets. Hacked.

    Secrets. Don't. Stay. Secret.

    Yeah, the people who owned/created this screwed up. The point is, everyone screws up, given enough time and enough people involved.

    1. Re:Let's Face It by Sir+Holo · · Score: 1

      Yeah, the people who owned/created this screwed up. The point is, everyone screws up, given enough time and enough people involved.

      Yes. And the correlation of a leak/screw-up increases exponentially with number of people who know the secret... Or alternatively, as time goes by.

    2. Re:Let's Face It by gtall · · Score: 1

      Awww shit, there goes all the conspiracy theories I've been working on. Obama probably is an alien and not a Muslim, WTC was an outside job ...by...by...the Saudi Royal Twats, Putin has a soul.

  8. riiiiiight by Anonymous Coward · · Score: 2, Insightful

    Good chance it's the Hacking Team software that has a built in backdoor which was sold to 3rd world dictators... except ya know the new and improved version with a different backdoor. Since they were exposed they haven't been able to peddle their wares anymore so they're getting desperate for a sale. Any hacker smart enough to want those programs is smart enough to stay the hell away from those programs. Dangle the worm and see who bites? You posted this on the wrong site mates if you want that action. This is a radioactive post. Anyone who falls for this is going to get into a world of shit. American hackers my ass. No US hacker would be retarded enough to attempt to hack the NSA. You would have to be autistic and retarded to think that would be a good idea. Even if the claim is real the only ones that would ever have a chance at hacking the NSA are other governments that specialize in espionage such as Great Britain, Germany, Russia, China, or Israel.

    1. Re:riiiiiight by MooseTick · · Score: 1

      "No US hacker would be retarded enough to attempt to hack the NSA."

      The NSA is not God. It's just a collection of people. People who make mistakes. Granted, it is likely a collection of people with above average intelligence. That could be their weakness though. When someone thinks they are smarter than everyone else they tend to get lazy. Look at all the James Bond villains. They create all kinds of ingenious methods to kill him when a double tap to the head would do the trick. He always escapes and foils their plans.

    2. Re:riiiiiight by Anonymous Coward · · Score: 1

      james bond villains do not represent actual targets

      the NSA is a bunch of very smart people backed up with billions of dollars of support infrastructure and some shockingly brutal legal precedence

      it would be like playing bull-fighter with a bunch of semi-trucks, amusing at first, but always ending up as hamburger in the tread of their tires

    3. Re:riiiiiight by Sir+Holo · · Score: 4, Funny

      "No US hacker would be retarded enough to attempt to hack the NSA."

      The NSA is not God. It's just a collection of people. People who make mistakes.

      With 360,000,000 people as the population, you would be surprised at what kind of stupidity you can find.

      Oh, BTW, I have all of the NSA's secret sploits, both past and current. They are for sale. Drop a few hundred bucks and they're yours – all contained on a single 3.5" floppy disk. I ran the leak through the ZIP encoder 30 times – that is why the file is so small.

      This isn't some mamby-pamby bitcoin auction, but a listing on ebay. (I believe in equal access for everyone.) Come bid on the auction. There is no "Buy it Now" price (ebay sets those limits low). There is only an open auction with a reserve price of $0.99. So, if it's countries bidding against countries, whatev's, I couldn't care less.

      Oh, and BTW, I am hiding behind five proxies, so there is no way to find me...

    4. Re:riiiiiight by pslytely+psycho · · Score: 1

      "With 360,000,000 people as the population, you would be surprised at what kind of stupidity you can find."

      Nah, no trouble at all imagining what level of stupidity you could find. To an exceptional hacker, the NSA I would imagine, would be quite like the accomplished jewel thief stealing the Crown Jewels. An ultimate target if you will.
      A certain type of mindset will happily go down in flames for the glory of it, irregardless of the consequences.

      BTW, your NSA goodies are outdated, I have this afternoon's copies but I only just started encoding mine, I'll send you a co.......(signal lost)

      --
      Donald Trump, on a crusade to make Nixon look respectable
    5. Re:riiiiiight by Anonymous Coward · · Score: 0

      NSA pretending they got hacked so more laws can be written in their favor.

    6. Re:riiiiiight by Anonymous Coward · · Score: 0

      "No US hacker would be retarded enough to attempt to hack the NSA."

      The NSA is not God. It's just a collection of people. People who make mistakes.

      With 360,000,000 people as the population, you would be surprised at what kind of stupidity you can find.

      Oh, BTW, I have all of the NSA's secret sploits, both past and current. They are for sale. Drop a few hundred bucks and they're yours – all contained on a single 3.5" floppy disk. I ran the leak through the ZIP encoder 30 times – that is why the file is so small.

      This isn't some mamby-pamby bitcoin auction, but a listing on ebay. (I believe in equal access for everyone.) Come bid on the auction. There is no "Buy it Now" price (ebay sets those limits low). There is only an open auction with a reserve price of $0.99. So, if it's countries bidding against countries, whatev's, I couldn't care less.

      Oh, and BTW, I am hiding behind five proxies, so there is no way to find me...

      Dang, I couldn't find your listing. I have a couple bucks, I could bid on your floppy, but how do I know you will not just sell another disc, or that I am getting the original?

  9. What? Please post stories in English by wonkey_monkey · · Score: 1

    The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons.

    "The the"? And it appears to be a sentence fragment.

    --
    systemd is Roko's Basilisk.
    1. Re:What? Please post stories in English by LynnwoodRooster · · Score: 2

      You don't understand - it's the guys who stole all of Matt Johnson's best work before he could release it with his band The The.

      --
      Browsing at +1 - no ACs, I ignore their posts. So refreshing!
    2. Re:What? Please post stories in English by Zontar+The+Mindless · · Score: 1
      --
      Il n'y a pas de Planet B.
  10. If this turns out to be real... by barc0001 · · Score: 1

    The events of this breach should become the new exhibit A for every time a backdoor for the US government is discussed in any software. After all if the NSA can't keep their special toys in house, how long do you think a valuable backdoor will remain under wraps?

  11. I think.. by s.petry · · Score: 2

    The person intended to type FSB but didn't know how to spell it.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  12. Having examined the files.. by Anonymous Coward · · Score: 2, Insightful

    I find it interesting to see that the "free" release they provided indicates dated material. Compiled with 2.0 - 2.6.9 era systems. Additionally it appears that the exploits are rather old as well, as the HW profiles they're targeting are reasonably old. This may be on purpose on the part of the hackers. Here be a complete list of the free files if anyone is interested. http://pastebin.com/SYcwqGmS

    1. Re:Having examined the files.. by Anonymous Coward · · Score: 0

      Old computers happen... hell now with uefi-bios vulnerabilities out in the wild.. there's several cases where it has taken over 1 year for vendor's patch once the vulnerability has been made public....

  13. Team America Hackers! by Anonymous Coward · · Score: 1

    a team of American hackers

    I read that first as "team America hackers."

    1. Re:Team America Hackers! by Jawnn · · Score: 1

      a team of American hackers

      I read that first as "team America hackers."

      Fuck yeah!

    2. Re:Team America Hackers! by Killall+-9+Bash · · Score: 1

      NSA, your game is through!

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
  14. No by phantomfive · · Score: 1

    "Another Kaspersky Lab researcher noted on Twitter that there is “nothing” in the dumped files that links them to the Equation Group"

    --
    "First they came for the slanderers and i said nothing."
  15. Smells like an old fish packing plant by jandrese · · Score: 5, Interesting

    If you were trying to scam people this is exactly how you would structure an "auction".

    Let's look at the details:
    1. The money you bid is kept by the seller, regardless of who wins.
    2. Impossible to verify the product's authenticity before the sale.
    3. There is no public notification that the winner received the goods.
    4. The auctioneers can make their own bids.
    5. There is no end date. The seller stops the auction at their discretion.

    Someone would have to be especially trusting or maybe desperate to bid on this. There are ways to set up trusted zero knowledge transfers, but these guys instead act like we should trust them just because they're anonymous.

    --

    I read the internet for the articles.
    1. Re: Smells like an old fish packing plant by Anonymous Coward · · Score: 1

      You're obviously an NSA triple agent counter troll with the mission of confusing us all with your Captain Kirkian Logic!!!

    2. Re:Smells like an old fish packing plant by Actually,+I+do+RTFA · · Score: 1

      Heck, give me 1 and 4 and I'll auction off anything you want.

      --
      Your ad here. Ask me how!
    3. Re: Smells like an old fish packing plant by mcswell · · Score: 1

      Is that you, Spock?

  16. It's time by scrib · · Score: 1

    Didn't Snowden just post "It's time" and follow that with what looks like a decryption key?
    The files in this leak were last updated in 2013, when Snowden left the country.
    I'm going to go out on a limb and guess that this is legit and it is more information Snowden took from the NSA.

    --
    Help! Help! I'm being repressed!
  17. Free files - GitHub repo for review by nneonneo · · Score: 1, Redundant

    If anyone's curious, I've dropped the decrypted contents of the "free sample" up on GitHub: https://github.com/nneonneo/eq.... Hopefully this makes analyzing the collection a bit easier. The code's pretty old - 2010-2013 according to timestamps - but it does look like real exploit/implant code from a distance.

    1. Re:Free files - GitHub repo for review by Anonymous Coward · · Score: 1

      If they are legit you're going to get your front door kicked in.

    2. Re:Free files - GitHub repo for review by Anonymous Coward · · Score: 0

      Glad you did this. I'm interested that so far only one of the exploits is setting off alarms on the system I used to unpack the free tarball, you have it as

      https://github.com/nneonneo/eqgrp-free-file/blob/master/Firewall/EXPLOITS/EGBL/egregiousblunder_3.0.0.1

      on your repository.

      In context, that appears to be a tool that would only run from within a busybox environment - not something I'm concerned has popped my workstation. It's being IDed as Slapper.gen, so probably recycling some attack code from the linux slapper worm?

      For what it's worth, the free dump looks legit to me. A big pain to arrange and document a tree like this and it's not April 1.

    3. Re:Free files - GitHub repo for review by Anonymous Coward · · Score: 0

      I liked the condition codes
      0xdeadbeefL: "Received ACK from exploit. Uploading NOPEN.",
      0xc0edbabeL: "Uploaded NOPEN! Callback commencing.",

  18. Re:PRESUME IT'S A LIE (FBI) (FBI) (FBI) [singing] by Anonymous Coward · · Score: 0

    He should be FSB. They don't backstab as hard as USA spy agencies. Look what they did to America.

  19. It's just a bunch of malware by Anonymous Coward · · Score: 0

    to let the cops on to you, if you're buying to do this sort of hacking. Don't buy, don't copy, don't run.

  20. The message left by the "Shadow Brokers" by Anonymous Coward · · Score: 0

    is so hilariously "foreign" and bad that it can't possibly fool anyone. It can only be coming from, oh I don't know, a bunch of Americans perhaps, trying their best to appear like foreign hackers, who of course must have broken English, because, you know, they're foreign. Bullshit and malware.

    1. Re:The message left by the "Shadow Brokers" by belthize · · Score: 1

      That's exactly what the NSA would like for you to think which only proves it can't be the NSA.

    2. Re:The message left by the "Shadow Brokers" by mcswell · · Score: 1

      Is from Boris Badenov, "world's champion no-good-nik, at your service", with the help of Natasha Fatale, former Miss Transylvania and now National Chairman of the Society to Restore The Real Meaning of Halloween.

  21. verb? by frovingslosh · · Score: 1

    The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons.

    Oh, to be am editor at Slashdot and have no expectation that you'll actually read what you are posting or require it to make any sense.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re: verb? by bestweasel · · Score: 1

      "to be am editor at Slashdot"

      Congratulations, you're hired!

  22. That name rings a bell... by Anonymous Coward · · Score: 0

    These guys are obviously fakes.

    I played Mass Effect, and I know there is only one Shadow Broker.

    And she's hot.

    1. Re:That name rings a bell... by tommeke100 · · Score: 1

      The original Shadow Broker was a big ugly alien though.

    2. Re:That name rings a bell... by Anonymous Coward · · Score: 0

      don't judge.

  23. Coming again to save the mother fucking day by Anonymous Coward · · Score: 0

    FUCK YEAH!

  24. all the links are dead ends by chris_osulliva · · Score: 2

    all the links are dead ends

  25. I bid.... by stoicio · · Score: 1

    ...One Dollar!

  26. Another write-up here by jkouns · · Score: 0

    The Shadow Brokers: Lifting the Shadows of the NSA’s Equation Group? https://www.riskbasedsecurity....

  27. 404 by GrumpyNope · · Score: 2

    All I can say is tumblr's 404 pages are some of the most WTF things I have seen

  28. Re:PRESUME IT'S A LIE (FBI) (FBI) (FBI) [singing] by Anonymous Coward · · Score: 0

    True, this site is now at least 3:1 govt shrill to reader. Must be this is where the NSA/FBI sticks their new hires.

  29. Better hire them quick NSA. by sabbede · · Score: 3, Funny

    If they can hack the NSA's best, then the NSA needs them on staff before someone else hires them.

    1. Re:Better hire them quick NSA. by Anonymous Coward · · Score: 0

      If they can hack the NSA's best, then the NSA needs them on staff before someone else hires them.

      The best won't work for them for no amount of money. They have morals. I refuse to work for them all the time.

    2. Re:Better hire them quick NSA. by Wolfrider · · Score: 1

      --They musta sent the spike back to Boris and hacked the Gibson! Quick Johnny, disconnect Jones before they loopback on a hardline and reverse-hack his tank!

      / amidoinitrite ?

      --
      .
      == WolfriderV6 == I'm willing to admit that *I just might* be wrong... Are you??
    3. Re:Better hire them quick NSA. by sabbede · · Score: 1

      Damnit, I had almost forgotten about that awful movie. Couldn't even have Molly/Sally!

      Plus Henry Rollins was in it, and as much as I like him, his presence on a cast is a clear indicator that a movie stinks.

    4. Re:Better hire them quick NSA. by Anonymous Coward · · Score: 0

      If they can hack the NSA's best, then the NSA needs them on staff before someone else hires them.

      The best won't work for them for no amount of money. They have morals. I refuse to work for them all the time.

      Liar. I know for a fact that Anonymous Coward is working for the NSA.

    5. Re:Better hire them quick NSA. by Anonymous Coward · · Score: 0

      Damnit, I had almost forgotten about that awful movie. Couldn't even have Molly/Sally!

      Plus Henry Rollins was in it, and as much as I like him, his presence on a cast is a clear indicator that a movie stinks.

      Molly/Sally was reserved for the Neuromancer movie, which had what 6 started attempts and no actual finished productions.