The hacker just became the hacked. A known offshoot of the National Security Agency (NSA) responsible for conducting cyber-attacks across the world has been targeted by a group of unknown hackers. According to reports, a set of hacking tools used by the NSA’s Equation Group for conducting cyber-attacks was recently dumped online by an unknown hacking group calling itself Shadow Brokers.
The publicly dumped files include malware, private exploits, installation scripts, configurations for Command & Control servers, and other tools. A few cyber security experts have already verified the leaked files as legitimate. Meanwhile, Shadow Brokers claim they will release more data for sale. They have expressed their intention to sell it in an auction for 1 million Bitcoins.
It is widely believed that the Equation Group is a secretive, dangerous organization within the National Security Agency that has access to sophisticated tools and techniques for compromising cybersecurity. It is speculated that the Equation Group was responsible for the previous Regin and Stuxnet attacks, in which systems in security and nuclear installations belonging to “enemy states” were infected with malware.
Among the many files, security experts were able to find references to certain hacking tools and protocols that were earlier made public by the former NSA analyst turned whistleblower Edward Snowden. Discounting the possibility that the leaked files are part of a hoax, a well-known security researcher known by the name Grugq was quoted by a tech magazine saying,
“If this is a hoax, the perpetrators put a huge amount of effort in… The proof files look pretty legit, and they are exactly the sorts of exploits you would expect a group that targets communications infrastructure to deploy and use.”
Speaking about the leaked tools, a Kaspersky researcher has mentioned that there is a possibility these files may belong not to the Equation Group but to some other parallel NSA cyber operation. However, they don’t contest the origin of the files.
If the hack has indeed happened and the Shadow Brokers do sell these tools to the highest bidder, it may turn out to be the biggest security breach in history. The United States may have to answer to other countries as well as its own domestic population about what it has been doing so far and why.
Ref: Motherboard | HackerNews | Image: News18