The hacker just became the hacked. A known offshoot of the National Security Agency responsible for conducting cyber-attacks across the world has been targeted by a group of unknown hackers. According to reports, a bunch of hacking tools used by the NSA’s Equation Group for conducting cyber-attacks were recently dumped online by the hackers, who allegedly made their way into its systems.
The publicly dumped files include malware, private exploits, installation scripts, configurations for command-and-control servers and other hacking tools. The unknown hacking group is calling itself the Shadow Brokers. A few cybersecurity experts who got the chance to analyze the dumped files claim they are legitimate. The Shadow Brokers claim that the files they released are just the tip of the iceberg and that they are willing to sell the rest to the highest bidder. They have expressed their intention to sell it in an auction where anyone who bids 1 million bitcoins will get the NSA’s bag of tricks.
It is widely believed that the Equation Group is a secretive, dangerous organization within the National Security Agency that has access to sophisticated tools and techniques for compromising cybersecurity. It is speculated that the Equation Group was responsible for the previous Regin and Stuxnet attacks, in which systems in security and nuclear installations belonging to “enemy states” were infected with malware.
Among the many files, security experts were able to find references to certain hacking tools and protocols that were earlier made public by the former NSA analyst turned whistleblower Edward Snowden. Discounting the possibility that the leaked files are part of a hoax, a well-known security researcher known by the name Grugq was quoted by a tech magazine as saying,
“If this is a hoax, the perpetrators put a huge amount of effort in… The proof files look pretty legit, and they are exactly the sorts of exploits you would expect a group that targets communications infrastructure to deploy and use.”
Speaking about the leaked tools, a Kaspersky researcher has mentioned that there is a possibility these files may not belong to the Equation Group but to some other parallel NSA cyber operation. However, they don’t contest the origin of the files.
If the hack has indeed happened and the Shadow Brokers do sell these tools to the highest bidder, it may turn out to be the biggest security breach in history. The United States may have to answer to other countries, as well as to its own domestic population, about what it has been doing so far and why.
Ref: Motherboard | HackerNews | Image: News18