The latest hack revealed over the weekend has nothing to do with the Democratic Party or George Soros. Instead, a mysterious hacker group calling itself “The Shadow Brokers” claims to have hacked the Equation Group, a government cyberattack group associated with the NSA, and has released a number of the organization’s hacking tools. The hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.
“Attention government sponsors of cyber warfare and those who profit from it!!!!” the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr.
How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.
In February 2015, Ars Technica dubbed the Equation Group “the most advanced hacking operation ever uncovered.” According to Kaspersky, the Equation Group is a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades. While Kaspersky Lab stopped short of saying it’s the NSA, its researchers laid out extensive evidence pointing to the American spy agency, including a long series of codenames used by the Equation Group and found in top secret NSA documents released by Edward Snowden. The Equation Group, according to Kaspersky Lab, targeted the same victims as the group behind Stuxnet, which is widely believed to have been a joint US-Israeli operation targeting Iran’s nuclear program, and also used two of the same zero-day exploits.
The global “victims” of the Equation Group are laid out in the map below: it is no secret that the group is not particularly enthused by either Iran or Russia.
It is this secretive hacker collective that the “Shadow Brokers” claim to have hacked, allegedly stealing some of its hacking tools. They publicized the dump on Saturday, tweeting a link to the manifesto to a series of media companies.
According to Motherboard, the dumped files mostly contain installation scripts, configurations for command and control servers, and exploits targeted to specific routers and firewalls. The names of some of the tools correspond with names used in Snowden documents, such as “BANANAGLEE” or “EPICBANANA.” The hackers have released 60% of the files they claimed to have taken from the Equation Group. The Shadow Brokers said they would release the remaining data to the highest bidder in a Bitcoin auction (they’ve received three bids so far). If they received an extraordinary 1,000,000 Bitcoins, worth roughly $560 million,