Tag Archives: shadow brokers
Leaked Files Show How NSA Tracks Other Countries’ Hackers
When the mysterious entity known as “Shadow Brokers” released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material homed in on the most potent tools, so-called “zero-day” exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data: a collection of scripts and scanning tools the NSA uses to detect other nation-state hackers on the machines it infects.
It turns out those scripts and tools are just as interesting as the exploits. They show that in 2013 — the year the NSA tools were believed to have been stolen by Shadow Brokers — the agency was tracking at least 45 different nation-state operations, known in the security community as Advanced Persistent Threats, or APTs. Some of these appear to be operations known by the broader security community — but some may be threat actors and operations currently unknown to researchers.
The scripts and scanning tools dumped by Shadow Brokers and studied by the Hungarians were created by an NSA team known as Territorial Dispute, or TeDi. Intelligence sources told The Intercept the NSA established the team after hackers, believed to be from China, stole designs for the military’s Joint Strike Fighter plane, along with other sensitive data, from U.S. defense contractors in 2007; the team was supposed to detect and counter sophisticated nation-state attackers more quickly, when they first began to emerge online.
“As opposed to the U.S. only finding out in five years that everything was stolen, their goal was to try to figure out when it was being stolen in real time,” one intelligence source told The Intercept.
Latest “Shadow Brokers” Leak Reveals NSA Hacked Most Windows Platforms; SWIFT Banks
One week after the “Shadow Brokers” hacker group re-emerged with a Medium blog post in which it slammed Donald Trump’s betrayal of his core “base” and the recent attack on Syria, urged Trump to revert to his original promises and not be swept away by globalist and MIC interests, and released the password which grants access to what Edward Snowden dubbed the NSA’s “Top Secret arsenal of digital weapons”, the group has made fresh headlines by releasing data which reportedly reveals that the NSA had hacked the SWIFT banking system of several banks around the globe, including in the EU and Middle East.
As a reminder, last year the Shadow Brokers claimed to have stolen files from the NSA’s cyber-espionage group known as the Equation Group. After initially putting the tools up for auction (ultimately nobody was interested in paying the price of 1 million Bitcoin, or around $570 million at the time), the Shadow Brokers last week dumped the password for the files they had put up for auction last summer. Missing from last week’s dump were the Windows files they put up for individual auctions over the winter.
Fast forward one week, when on Good Friday the Shadow Brokers dumped a new collection of files, containing what appear to be exploits and hacking tools targeting Microsoft’s Windows OS, along with evidence that the Equation Group had gained access to servers and targeted banks connected to the ubiquitous SWIFT banking system.
The tools were dumped via the Shadow Brokers Twitter account and were accompanied by a new blog post. As Bleeping Computer’s Catalin Cimpanu, who first noticed the release, points out, the blog post is called “Lost in Translation,” and in addition to some premeditated ramblings in broken English…