Hackers Claim To Be Selling NSA Cyberweapons In Online Auction (dailydot.com) 88
Reader blottsie writes: A group of hackers identifying themselves as theShadow Brokers claims to have hacked the NSA's Equation Group, a team of American hackers that have been described as both "omnipotent" and "the most advanced" threat cyberspace has ever seen. On the Shadow Brokers' website, the group has shared a sample of data that some cybersecurity experts say lends credibility to the breach. The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons. Motherboard's take on this is here.
One thing to say... (Score:5, Insightful)
Honeypot (if it's a real).
Re: (Score:3)
yeah, my first thought was "this is a great way to attempt to catch some potentially very malicious people".
but then i thought, "it would be great if this code got into the hands of the security crowd".
Re: (Score:2)
Honeypot (if it's real).
Well, I was thinking, if it is real, the highest bidder will be the NSF itself. So the FBI and CIA could chase them down.
I think.. (Score:3)
Old news (Score:1)
The NSA has had rootkits in it for years. It's funny how arrogant they think they are :)
Re: (Score:2)
and you know this how?
I hope.... (Score:5, Insightful)
Whoever wins the auction releases every single bit of it to the public with no redaction whatsoever.
There should be a collective public bid available, I would pledge a couple of btc to the public bid if there was a credible one. I would consider it penance for the taxes I paid to create the originals.
Re: (Score:2)
Even if there was only a small chance of it being true, it would still be a better chance than there is now of the enemies of freedom having their tools leaked, so I will take a small chance over none.
Re: (Score:2)
Do you even have a point? Yes, there is some reason to doubt this one. However, its well crafted if its fake. Well crafted enough to be worth a hell of a lot more than your bridge proposal.
Weak try really.
Re: (Score:1)
Even if there was only a small chance of it being true, it would still be a better chance than there is now of the enemies of freedom having their tools leaked, so I will take a small chance over none.
You're assuming they don't leak them anyways after receiving their ransom payment.
Re: (Score:2)
Not really. Either way I am getting what i want right? I have no qualms about paying them for the public release. Sure, I would prefer they do it for ideological reasons but, everybody needs to eat and operational costs can be real, never mind the time they put in.
I mean, why would I make such a specific assumption without any suggestion that its what they would do; esp when they say explicitly its something they wont do, even if the winning bidder asks them to, right in their FAQ, leaving the task of any r
Re: (Score:2)
"Fuchs's espionage likely led the U.S. to cancel a 1950 Anglo-American plan to give Britain American-made atomic bombs"
Sounds like it worked out ok. Can't think of a better plan to scuttle than warmongers sharing their toys.
Too bad the internet didn't exist so he couldn't have given this gift directly to the public.
Re: (Score:2)
Re: (Score:2)
Sorry I missed your Query. Yes the NSA, the poorly named "National Security Agency".
Where to even begin. First of all, they spy on us, and when unable to do so legally, farm it out to external resources who can. This is a clear violation of privacy rights, but more than that, has a chilling effect on free speech.
They know about software flaws that put us at risk to abuse by third parties, yet keep those hidden so that people like them can abuse those flaws to gain unauthorized access to private information
Let's Face It (Score:5, Insightful)
It doesn't matter if Equation Group is part of the NSA, or if these tools come from Equation Group, or whatever. Just so long as these are real hacking tools used by any state agency, from any country, this puts the final nail in the coffin. Not that most of us needed that final nail.
The coffin being, "oh just create an encryption/security back door so that legitimate law enforcement can access it. You don't support child molesters and terrorists do you?"
Everybody. Gets. Hacked.
Secrets. Don't. Stay. Secret.
Yeah, the people who owned/created this screwed up. The point is, everyone screws up, given enough time and enough people involved.
Re: (Score:2)
Yeah, the people who owned/created this screwed up. The point is, everyone screws up, given enough time and enough people involved.
Yes. And the correlation of a leak/screw-up increases exponentially with number of people who know the secret... Or alternatively, as time goes by.
Re: (Score:2)
Awww shit, there goes all the conspiracy theories I've been working on. Obama probably is an alien and not a Muslim, WTC was an outside job ...by...by...the Saudi Royal Twats, Putin has a soul.
riiiiiight (Score:2, Insightful)
Good chance it's the Hacking Team software that has a built in backdoor which was sold to 3rd world dictators... except ya know the new and improved version with a different backdoor. Since they were exposed they haven't been able to peddle their wares anymore so they're getting desperate for a sale. Any hacker smart enough to want those programs is smart enough to stay the hell away from those programs. Dangle the worm and see who bites? You posted this on the wrong site mates if you want that action.
Re: (Score:2)
"No US hacker would be retarded enough to attempt to hack the NSA."
The NSA is not God. Its just a collection of people. People who make mistakes. Granted, its is likely a collection of people with above average intelligence. That could be their weakness though. When someone thinks they are smarter than everyone else they tend to get lazy. Look at all the James Bond villains. They create all kinds of ingenious methods to kill him when a double tap to the head would do the trick. He always escapes and foils t
Re: (Score:1)
james bond villains do not represent actual targets
the NSA is a bunch of very smart people backed up with billions of dollars of support infrastructure and some shockingly brutal legal precedence
it would be like playing bull-fighter with a bunch of semi-trucks, amusing at first, but always ending up as hamburger in the tread of their tires
Re:riiiiiight (Score:5, Funny)
"No US hacker would be retarded enough to attempt to hack the NSA."
The NSA is not God. Its just a collection of people. People who make mistakes.
With 360,000,000 people as the population, you would be surprised at what kind of stupidity you can find.
Oh, BTW, I have all of the NSA's secret sploits, both past and current. They are for sale. Drop a few hundred bucks and they're yours – all contained on a single 3.5" floppy disk. I ran the leak through the ZIP encoder 30 times – that is why the file is so small.
This isn't some mamby-pamby bitcoin auction, but a listing on ebay. (I believe in equal access for everyone.) Come bid on the auction. There is no "Buy it Now" price (ebay sets those limits low). There is only an open auction with a reserve price of $0.99. So, if it's countries bidding against countries, whatev's, I couldn't care less.
Oh, and BTW, I am hiding behind five proxies, so there is no way to find me...
Re: (Score:2)
Nah, no trouble at all imagining what level of stupidity you could find. To an exceptional hacker, the NSA I would imagine, would be quite like the accomplished jewel thief stealing the Crown Jewels. An ultimate target if you will.
A certain type of mindset will happily go down in flames for the glory of it, irregardless of the consequences.
BTW, your NSA goodies are outdated, I have this afternoons copi
What? Please post stories in English (Score:2)
The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons.
"The the"? And it appears to be a sentence fragment.
Re: (Score:3)
Re: (Score:2)
The The [wikipedia.org].
If this turns out to be real... (Score:2)
The events of this breach should become the new exhibit A for every time a backdoor for the US government is discussed in any software. After all if the NSA can't keep their special toys in house, how long do you think a valuable backdoor will remain under wraps?
Having examined the files.. (Score:2, Insightful)
Team America Hackers! (Score:1)
a team of American hackers
I read that first as "team America hackers."
Re: (Score:2)
a team of American hackers
I read that first as "team America hackers."
Fuck yeah!
Re: (Score:2)
No (Score:2)
"Another Kaspersky Lab researcher noted [twitter.com] on Twitter that there is “nothing” in the dumped files that links them to the Equation Group"
Smells like an old fish packing plant (Score:5, Interesting)
Lets look at the details:
1. The money you bid is kept by the seller, regardless of who wins.
2. Impossible to verify the product's authenticity before the sale.
3. There is no public notification that the winner received the goods.
4. The auctioneers can make their own bids.
5. There is no end date. The seller stops the auction at their discretion
Someone would have to be especially trusting or maybe desperate to bid on this. There are ways to set up trusted zero knowledge transfers, but these guys instead act like we should trust them just because they're anonymous.
Re: Smells like an old fish packing plant (Score:1)
You're obviously an NSA triple agent counter troll with the mission of confusing us all with your Captain Kirkian Logic!!!
Re: (Score:2)
Is that you, Spock?
Re: (Score:2)
Heck, give me 1 and 4 and I'll auction off anything you want.
It's time (Score:2)
Didn't Snowden just post "It's time" and follow that with what looks like a decryption key?
The files in this leak were last updated in 2013, when Snowden left the country.
I'm going to go out on a limb and guess that this is legit and it is more information Snowden took from the NSA.
Free files - GitHub repo for review (Score:2, Redundant)
If anyone's curious, I've dropped the decrypted contents of the "free sample" up on GitHub: https://github.com/nneonneo/eq... [github.com]. Hopefully this makes analyzing the collection a bit easier. The code's pretty old - 2010-2013 according to timestamps - but it does look like real exploit/implant code from a distance.
Re: (Score:1)
If they are legit you're going to get your front door kicked in.
Re: (Score:2)
That's exactly what the NSA would like for you to think which only proves it can't be the NSA.
Re: (Score:2)
Is from Boris Badenov, "world's champion no-good-nik, at your service", with the help of Natasha Fatale, former Miss Transylvania and now National Chairman of the Society to Restore The Real Meaning of Halloween.
verb? (Score:2)
The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons.
Oh, to be am editor at Slashdot and have no expectation that you'll actually read what you are posting or require it to make any sense.
Re: verb? (Score:1)
"to be am editor at Slashdot"
Congratulations, you're hired!
Re: (Score:2)
all the links are dead ends (Score:2)
I bid.... (Score:2)
...One Dollar!
404 (Score:2)
Better hire them quick NSA. (Score:4, Funny)
Re: (Score:2)
--They musta sent the spike back to Boris and hacked the Gibson! Quick Johnny, disconnect Jones before they loopback on a hardline and reverse-hack his tank!
/ amidoinitrite ?
Re: (Score:2)
Plus Henry Rollins was in it, and as much as I like him, his presence on a cast is a clear indicator that a movie stinks.