Regardless of how one feels about the National Security Agency (NSA), it is a little disturbing to think that an anonymous group has stolen hacking tools that might belong to NSA and is auctioning them off to the highest bidder. NSA hacked or is it a hoax? Is it merely a boast? The alleged hackers have offered sample files, and some security researchers say they appear to contain legitimate exploits.
The files were allegedly stolen from the Equation Group, a top cyberespionage vendor team that may have links to the NSA. The Equation Group purportedly uses some of the most advanced malware and probably helped develop the infamous Stuxnet computer worm, says Kaspersky Lab. Over the weekend, hackers known as the Shadow Brokers claimed to have stolen the very cyber weapons the group has used and they say that they plan to auction the best files to highest bidder, claiming that the “auction files better than Stuxnet,” the hackers said in a Tumblir posting using broken English.
Bloggers are saying that the code appears to be a large amount of NSA infrastructure for controlling routers and firewalls, including implants, exploits, and other tools. The malware specifically target firewall technology from Cisco, Juniper, Fortinet, and Chinese provider Topsec.
Virginia-based Risk Based Security has also looked at the sample files and said that
It’s also possible the Shadow Brokers are promoting a big scam. Deception-based schemes are very common in hacking. The NSA hasn’t acknowledged any ties with Equation Group and on Monday, it didn’t respond for comment. Nevertheless, the Shadow Brokers are asking buyers to bid with bitcoin, although the group is offering no guarantees it will hold its own end of the bargain.