NSA cyber weapons 'hacked' by mysterious Shadow Brokers

Online group threatens to auction best National Security Agency files to the highest bidder

Fort Meade, UNITED STATES:A computer workstation bears the National Security Agency (NSA) logo inside the Threat Operations Center inside the Washington suburb of Fort Meade, Maryland, intell
(Image credit: 2006 AFP)

A mysterious online group calling itself Shadow Brokers claims it has stolen state cyber weapons from the US National Security Agency (NSA) and is auctioning off the more powerful parts to the highest bidder.

As proof, the hackers released a swathe of malware programs, including a number of pieces of software referenced in the leaks from NSA whistleblower Edward Snowden.

"The leak, announced in broken English by the group in a series of posts on Twitter, Tumblr, Pastebin and Github, was accompanied by claims that the group was in possession of state-sponsored 'cyber weapons'," The Guardian says.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.


Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

Shadow Brokers is asking for one million bitcoins, worth close to £445m, to secure the release of the second part of the stolen information.

"We auction best files to highest bidder. Auction files better than Stuxnet," they said. The Stuxnet worm is rumoured to be a joint US-Israeli malware attack designed specifically to sabotage Iran's nuclear programme.

The leaked information, which includes a number of highly sophisticated pieces of malware, was stolen from the Equation Group, an "elite" group believed to be part of the NSA.

The files "appeared to be real, according to former NSA personnel who worked in the agency's hacking division, known as Tailored Access Operations (TAO)", reports the Washington Post.

"Without a doubt, they're the keys to the kingdom," said the former NSA worker.

Snowden responded to news of the attack on Twitter, saying he believed it to be part of a state-sponsored effort as it was unusual step for hackers at that level to go public in this way.

"NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is," Snowden wrote.

He also implied that the hack is not so much about making money and more a warning to the US to back down on blaming Russia for the recent leaks of sensitive information from the Democratic National Committee.

"This leak looks like somebody sending a message that an escalation in the attribution game could get messy fast," Snowden said.

To continue reading this article...
Continue reading this article and get limited website access each month.
Get unlimited website access, exclusive newsletters plus much more.
Cancel or pause at any time.
Already a subscriber to The Week?
Not sure which email you used for your subscription? Contact us