Slashdot Mirror


Hacker Group Leaks 'NSA's Top Secret Arsenal of Digital Weapons' (vice.com)

Hacker group 'The Shadow Brokers', which last year allegedly released top-secret tools that the National Security Agency had used to break into the networks of foreign governments and other espionage targets, today said it is disappointed with President Donald Trump, and released more such alleged tools. From a report on Motherboard: On Saturday, The Shadow Brokers, a hacker or group of hackers that has previously dumped NSA hacking tools, released more alleged exploits. The group published a password for an encrypted cache of files they distributed last year. "Be considering this our form of protest," the group wrote in a rambling, politically loaded rant published on Medium. Back in August, The Shadow Brokers released a number of exploits stolen from the NSA. Many of these affected hardware firewalls, from companies such as Cisco and Juniper. At the time, the group also dumped another cache allegedly containing more hacking tools, and said they would release the corresponding password to the winner of a bitcoin auction. That fund-raising effort was ultimately unsuccessful, and The Shadow Brokers claimed they were calling the whole thing off in January. But now, anyone can unlock the auction data dump. (Motherboard confirmed that the password did indeed decrypt the original auction file). In a series of tweets, Edward Snowden said, "NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it. 1) https://github.com/x0rz/EQGRP 2) For those who have never heard of the hacker group behind today's leak of NSA's cyberweapons, last year's story."

He adds, "quick review of the ShadowBrokers leak of Top Secret NSA tools reveals it's nowhere near the full library, but there's still so much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can't, it's a scandal."

69 comments

  1. Release the Tomahawks! by Anonymous Coward · · Score: 0

    They'll be sooorry.

    1. Re: Release the Tomahawks! by Anonymous Coward · · Score: 0

      Bigly soooorry

      Korea gonna get some of that $multi-million pinprick treatment soon too if the carrier group headed their way is anything to go by. Gotta keep the focus on bigly bad guys and off of getting impeached.

    2. Re:Release the Tomahawks! by Anonymous Coward · · Score: 0

      What happens when you deprive them of healthy coffee and do not let them smoke.

  2. Ransom not paid by Anonymous Coward · · Score: 0

    Maybe Snowden is pissed because this stuff didn't sell and Uncle Sam didn't offer any hush money.

    1. Re: Ransom not paid by Anonymous Coward · · Score: 0

      Sad troll is sad.
      Snowden left because he had already been threatened.

    2. Re: Ransom not paid by Anonymous Coward · · Score: 0

      Snowden was not threatened until he went public. Why did he think going public in Chinese controlled territory was a good idea? Why wasn't he already holed up in one of the Latin America paradises who were falling all over themselves for the right to shelter him? Every decision he has made has been idiotic. Right from the start he thought his actions would eventually be forgiven because he was providing a public service. You steal from the NSA and release information on foreign counter intelligence operations you will not get a slap on the hand. The minute he even thinks of leaving Russia he will be picked up and flown to the US. And remember the US is not the only country who would like to have a chat with him. Maybe he can make a run to the nearest Ecuadorian embassy and ask for shelter.
      The group of guys who is releasing the information mentioned in this article will eventually be caught. The NSA may already know who they are and are just watching to see who else may be involved in their crime. The NSA once allowed the Russians to conduct industrial espionage and planted information they wanted Russia to steal. 6 months later one of Russia's main oil pipelines blew up because the PLC and SCADA information they stole actually provided a RAT that the CIA used to sabotage key pumping stations.

    3. Re: Ransom not paid by Anonymous Coward · · Score: 0

      There are inconsistencies in what you wrote.

    4. Re: Ransom not paid by buck-yar · · Score: 1

      Should be hanged for treason.

  3. This is what the NSA has? These are their tools om by Anonymous Coward · · Score: 0

    Omg all the funding that these guys get from tax money and they are basically a bunch of simple script kiddies lol
    The more I find the more these governments seem like a big fucking joke, I think the readers of /. can take on these college loosers, when dunk and one hand tied behind their backs. Now I really don't feel safe here in the USA, these are the people looking out for our safety we are all f*ed!!!

  4. Not as big as you think by Anonymous Coward · · Score: 1

    "Security researchers are still going through the files, but many of the exploits appear to be used for attacking older or little-used system."

    -- TechCrunch

    1. Re:Not as big as you think by ravenshrike · · Score: 1

      So basically the Shadow Brokers probably got the hacking equivalent of tools stuffed into a storage closet and forgotten about?

    2. Re:Not as big as you think by TechyImmigrant · · Score: 1

      "Security researchers are still going through the files, but many of the exploits appear to be used for attacking older or little-used system."

      -- TechCrunch

      Like Solaris and "Linux 2.4"

      It makes sense that you would keep a library of tools for hacking older systems and software. There's so much more there to hack.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    3. Re:Not as big as you think by Anonymous Coward · · Score: 0

      Wondering why they didn't hand this off to Assange. Oh, wait, no, I'm not wondering.

    4. Re:Not as big as you think by BostonPilot · · Score: 1

      If you were trying to change the behavior of the government, it wouldn't make sense to release all the most up to date exploits - as soon as you've done it, you've lost all your leverage. At that point it would be "and if you don't do what I want, I'll continue to release the old exploits that you probably don't care about"... not much of a threat.

      By releasing older exploits the message is, "see - I can release your tools to the wild... do what I want or I'll start releasing the exploits you really do care about"

  5. idgi by Anonymous Coward · · Score: 0

    Isn't it already assumed that if you buy closed source, you can be hacked by the government? Hell, it'd be fairly easy for a CPU to have a hidden instruction set that allows privilege escalation, although it's less likely for something like that to be implemented as a single discovery would fuck the US IT industry.

    And that for every piece of code that is released into the wild - intentionally or unintentionally - all you win is a false sense of security as there are already way more complex exploits / backdoors still under wraps.

    1. Re:idgi by Anonymous Coward · · Score: 0

      Isn't it already assumed that if you buy closed source, you can be hacked by the government? Hell, it'd be fairly easy for a CPU to have a hidden instruction set that allows privilege escalation, although it's less likely for something like that to be implemented as a single discovery would fuck the US IT industry.

      Speaking for the US CPU industry, we are very well aware how fucked we would be if a backdoor was discovered baked into our products and we have teams of people with the primary role of preventing them from existing.

    2. Re:idgi by Anonymous Coward · · Score: 0

      Which is why the backdoors are very deep and quiet.

    3. Re:idgi by buck-yar · · Score: 1

      Intel ME - mother of all backdoors

  6. Send in Commander Shepard by GoChickenFat · · Score: 0

    I'm sure this will have a Mass Effect...

  7. Translation by axewolf · · Score: 0

    NSA/"Deep State" leaks its expired weapons to assist in the attempt to overblow the 'outrage' that 'Trump's own supporters' have against this apparent policy flip-flop.

    How is this a protest in any way? What does one have to do with the other, and would the relation, if it exists, be understandable to the average person?

    Why is the media assisting this organization's nonsensical narrative that this is a protest?

    Too long; didn't read: BULLSHIT!

    1. Re:Translation by Mike+Frett · · Score: 1

      There is no 'Deep State' that term was coined by Russian Trolls.

    2. Re:Translation by axewolf · · Score: 0

      hehe oh yeah, forgot about that fact

  8. Re:This is what the NSA has? These are their tools by mnemotronic · · Score: 1

    Maybe they should make an offer to Taylor Huddleston.

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  9. Re:GitHub! GitHub! GitHub! by Anonymous Coward · · Score: 0

    154 forks now! Keep forking, forking morons!

  10. Re:Release the Crack-in by mnemotronic · · Score: 0

    Or was it "Release the Kraken"? Brain not work. Too much crackin'.

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  11. Why is nobody leaking... by bazmail · · Score: 1

    ...Russian government hacking code? Are they more loyal workers? Better at preventing leaks? Just strikes me as very odd that all leaks are American.

    1. Re:Why is nobody leaking... by Anonymous Coward · · Score: 1

      The hacking tools from CIA and NSA have Russian code. They are leaking, just not to the public.

    2. Re:Why is nobody leaking... by Actually,+I+do+RTFA · · Score: 0

      The Russians don't want to leak their own code.

      --
      Your ad here. Ask me how!
    3. Re:Why is nobody leaking... by Anonymous Coward · · Score: 0

      or.. it could also be a little difficult to release code after taking one to the head courtesy of the fsb.

    4. Re:Why is nobody leaking... by Anonymous Coward · · Score: 0

      Who do you know that has a copy that wants to leak it?

      Otherwise one could ask why aren't they leaking Chinese, Saudi, or Iranian code?

    5. Re:Why is nobody leaking... by AHuxley · · Score: 3, Insightful

      Russia does not have any need for "code". They have generations of well placed spies and people who want to help globally.
      They don't have to trust consumer grade networks and junk encryption on standard digital devices. The Soviet Union understood codes fail, like in the 1950's.
      So the Soviet Union and Russia got smart and moved to more secure methods and went for the human side of spying.
      The NSA, CIA and GCHQ just kept on putting more funding into computers and digital collection methods, always just expecting the world to always be more digital.
      Everyone has a home computer, every one has a smart phone, every hotel has a smart TV, every company keeps their secrets near the internet. The US and UK also have a culture of contractors and people from the outside helping/giving "orders" to gov/mil staff.
      Wage difference, lack of dignity, lack of advancement, no esprit de corps in the West over generations adds to issues only found in the West.
      The GCHQ finally fully understood why information leaks, staff walk out and had the methods to keep staff happy in the West by the 1970's.
      But the US private sector would have be shut out of gov and mil contracts. So the GCHQ ideas about a better gov workplace got replaced by ever more lobbying for more US contractors and private sector support.
      In Russia it's your rank, your profession, your uniform, your medals, your advancement, your mil, your nation to defend, your honour, a privilege with good educational support.
      In the West it's a day job, the boss with party political connections, their private sector profit and shareholders, lobbyists and job insecurity. Government workers who dream of private sector wealth, private sector workers who dream of some full time employment.
      Moving around the US or UK as a contractor to support the mil/gov with its data collection, computer issues is not a fun profession.

      --
      Domestic spying is now "Benign Information Gathering"
    6. Re:Why is nobody leaking... by Anonymous Coward · · Score: 1

      Probably because the Russians haven't undermined their own security by creating a system of low-bid subcontractors.

    7. Re:Why is nobody leaking... by Anonymous Coward · · Score: 0

      A bullet to the head is not a preventative measure. It comes after the fact. Also, don't pretend other agencies aren't assassinating people.
      https://en.wikipedia.org/wiki/List_of_intelligence_agencies

  12. And this is why... by Anonymous Coward · · Score: 0

    any 'legal' backdoor in crypto systems would be a terrible idea...

  13. Re:GitHub! GitHub! GitHub! by Anonymous Coward · · Score: 0

    They're all binary executable files: WTF is getting forked, since there's no source code posted of any of this stuff?

  14. Re:GitHub! GitHub! GitHub! by Anonymous Coward · · Score: 0

    The social idiots of github use the Fork button like a Like button. Never mind the fact that github has a Star button which works exactly like a Like button. The idiots push Fork anyway even if they have absolutely no intention of doing any work on a fork. Because github is full of stupid social idiots.

  15. the nsa is at your door by Anonymous Coward · · Score: 0

    KNOCK KNOCK.....

    and you're right of course, it's all bullshit old shit but sometimes old shit does have a use

    not saying how i know

  16. the shadow brokers == "alt-right" extremists by Gravis+Zero · · Score: 0

    If you look at the political ramblings they posted, then you can see what they really are interested in:

    - DO support the ideologies and policies of Steve Bannon, Anti-Globalism, Anti-Socialism, Nationalism, Isolationism

    - Don’t care if your popular or nice, get er done, Obama’s fail, thinking he could create compromise. No compromise.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:the shadow brokers == "alt-right" extremists by Anonymous Coward · · Score: 0

      - DO support the ideologies and policies of Steve Bannon, Anti-Globalism, Anti-Socialism, Nationalism, Isolationism - Don’t care if your popular or nice, get er done, Obama’s fail, thinking he could create compromise. No compromise.

      In other words, they'd really really like it if US personnel become sufficiently radicalized to the nationalist cause that they'd be willing to leak data on US assets, but they're totally not trying to help America's adversaries.

      Whoever they are, the machine-translated/obfuscated speech doesn't really indicate whether they're Russian, Chinese, or part of a sinister plot from Liechtenstein to take over the world, but they sure as hell aren't working for the Americans.

    2. Re:the shadow brokers == "alt-right" extremists by Anonymous Coward · · Score: 0

      Isolationism, uh huh.. Being selective about who you let into your country and renegotiating shitty trade deals is a pretty far cry from "isolationism" for anyone except a crazed leftist with an agenda that involves lying.

  17. misinformation by the bucketload by Anonymous Coward · · Score: 1

    why would nsa bother with hacking anything when they can have intel chips contain all of the snooping capabilities they ever need?

    1. Re:misinformation by the bucketload by AHuxley · · Score: 2

      To have contractors in the private sector find the code litter and the tech media copy and paste a report it's another "nation".
      That's why the "time zone", "ip range" and "language" litter found was always key to showing the origin of any malware.
      Getting the data out of some network might not even be the mission.
      The code litter is found by the private sector "experts" later is the propaganda win in the tech media.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:misinformation by the bucketload by Anonymous Coward · · Score: 0

      That's what I am thinking too. Also, those things like IME can unmask your real IP and can identify or download your personal files too.

    3. Re:misinformation by the bucketload by Anonymous Coward · · Score: 0

      Your simple comment shows your complete misunderstanding about how technology works.

  18. Better behavior-based detection in AV? by AHuxley · · Score: 1

    What can vendors of quality AV software and networks do?
    Some sort of "other" secure computer on the final network out, apart from all the infected OS, junk hardware, junk big brand firewalls on random days?
    How much is human collected? How much is just kept internally for later network collection after a human infected a system? Human placed? Network placed? Human collected or network collected. Human placed malware and later data is also collected by a human.
    Should AV detection consider the idea that the owners and users with access are a real threat too? Not just something new up or down the network.
    Physical access can't be stopped as the malware is inserted by an operative but AV could send a message back to its creators that something new and interesting was changed by the "owner". Start to phone home more details about every very secure system.
    The infection can't be avoided thanks to lax physical access but changes can be gathered by AV.

    --
    Domestic spying is now "Benign Information Gathering"
    1. Re:Better behavior-based detection in AV? by Anonymous Coward · · Score: 0

      Files accessed or Files modified can be detected and reported by email or sms txt msgs by a Tripwire. Very old tech, you don't need AV to do that.

    2. Re:Better behavior-based detection in AV? by AHuxley · · Score: 1

      Yes AC, it was interesting to see the AV company that could detect.

      --
      Domestic spying is now "Benign Information Gathering"
  19. Has... by Anonymous Coward · · Score: 0

    Actual question. Has NSA actually done anything to secure the internet? Doesn't seem so.

    1. Re:Has... by irving47 · · Score: 1

      Seems *possible* they might, at some point, have leaked warnings to InfraGard type people who would patch certain holes quietly... They also released a secure version of linux... centos or ubuntu or something

      --
      I had a sucky sig.
    2. Re:Has... by GameboyRMH · · Score: 1

      They created SELinux and a set of military cryptography standards that differs from the civilian ones, strongly suggesting that the civilian ones are weak. That's all I can think of. They've certainly done a lot to damage the security of the Internet.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
  20. No they're Russian State by Anonymous Coward · · Score: 0

    They're Russian state hackers, clearly known, clearly identified. This is the same group of documents and actors related to DNC hack last year, and the actors there are all tied to Russia. Not just the hackers, but the intermediaries, ambassadors, and the group on Trump's side, Stone, Flynn, Cohen, Manafort who interacted with them (e.g. emails connect Stone to the hacker, money trail links Manafort and Jared Kushner to Putin)*.

    Which means that Putin has (had) all these zero day exploits, and you have to assess what damage COULD previously have been done with these exploits. All the passwords stolen, security protocols corrupted and so on. All those backdoors they put in, are effectively in the hands of Putin's hacker group.

    So you need to think of this hack, not just "how WILL it affect security", but rather backdate it, and consider any secondary system compromised.

    THAT MAY INCLUDE ALL WINDOWS PCs. Potentially that Windows fake auto update software might be on critical PCs courtesy of Putin's boys.

    * Yeh yeh, there is no provable direct connection to Trump (well apart from his public spirited defense of Putin, political lies about the source of the hackers, even after he'd been shown the evidence, his financial connection to Alfa bank and Putin controlled VneshEconomBank....) but you can't specifically prove at the moment that Trump HIMSELF asked Russia for help hacking the Democrats, apart from that time he did it in front of the cameras.

    1. Re:No they're Russian State by Anonymous Coward · · Score: 5, Interesting

      Not entirely, Guccifer 2.0 has confirmed his contact was a whistleblower in the DNC, namely Seth Rich. This ties in with Craig Murray's assertions that the DNC leaks were an inside job and that he was the recipient for information from an individual in the DNC. Seth Rich's murder still remains unsolved.

      Link: http://g-2.space/sr/index.html

      This is rather fresh information, so I am not surprised you did not know. Unfortunately, I can only post as AC at this time.

  21. Re:GitHub! GitHub! GitHub! by fisted · · Score: 1

    True words. +1, would fork.

  22. Re:This is what the NSA has? These are their tools by Anonymous Coward · · Score: 0

    You mean drunk. Also, it is spelled loser, with a single o. You should not post when you are drunk.

  23. Re:Has... FreeBSD and Linux by Anonymous Coward · · Score: 0

    Check the dumped files, there are a lot of exploits for FreeBSD, Linux, Solaris*. I don't think CentOS and/or Ubuntu were spared from these exploits.

    *I knew it, those people who are pushing for Linux and FreeBSD just desperately wanted to access your machines.

  24. Re:This is what the NSA has? These are their tools by Anonymous Coward · · Score: 0

    Because they do it for money and don't care about the product. What they do for fun on the weekend in their spare time is where the real tools are.

  25. Both sides knew. by DrYak · · Score: 1

    The NSA once allowed the Russians to conduct industrial espionage and planted information they wanted Russia to steal. 6 months later one of Russia's main oil pipelines blew up because the PLC and SCADA information they stole actually provided a RAT that the CIA used to sabotage key pumping stations.

    Do you sincerely think that this was the sole unique time a US governmental agency tried to feed software with bugs planted in for the purpose to cause mayhem?

    And you are really persuaded that the USSR never ever had the slightest idea that they are receiving bogus software and never had an army of hackers for the sole purpose to review and clean such code?
    (Come on, you're speaking about the USSR - which has secret service at least as good as their western counterparts, if not better. Do you *really* think that they could be bluffed so easily? Were they still seeking to acquire red mercury until the end of the cold war?)

    (Said as the descendant of a hacker who did clean code of intentionally planted bugs, on the other side of the iron curtain. Not even Russia, but a small country. So even that small country was spending efforts to sanitize any piece of code received from the west, you can only guess what kind of efforts Russia was spending).

    Plus, in the specific case of that explosion in Siberia the level of cause imputable to the CIA has been debunked.
    Yes, CIA was attempting to feed bogus shit to the USSR in an attempt to cause mayhem (but as said above, this *was* probably a well known fact on the other side of the iron curtain).
    But no, that peculiar explosion wasn't caused directly by CIA, but by the same cause that also caused other catastrophes like Tchernobyl : recklessness of the involved engineers.
    (Pipeline is leaking? Hey, why should we go investigate? Just pump up the pressure to keep the gas flowing! Easy fix! Also easy cause for a massive explosion)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  26. Re:Release the Crack-in by martinfb · · Score: 1

    Appropriate. 'Crackin' is cocaine free-based. And we all know that cocaine is 'the big lie'!
    Perhaps this explains Trump et al...

    --
    Self-importance and self-indulgence is the root of ALL evil.
  27. Re:This is what the NSA has? These are their tools by syntotic · · Score: 1

    Delaying an executable is hacking? OK: now tell me what is it that I have that your antivirus cannot yet find. I cannot record music in any laptop since 2009 after one laptop BSoD crashed and was later robbed.

  28. Re: FUCK YOU LAZY ASS COLLEGE STUDENT SHITBAG by Anonymous Coward · · Score: 0

    (hug)