Angry Shadow Brokers release password for suspected NSA hacking tools

Credit to Author: John Ribeiro| Date: Mon, 10 Apr 2017 03:45:00 -0700

Annoyed with the U.S. missile strike last week on an airfield in Syria, among other things, hacker group Shadow Brokers resurfaced and released what it said was the password to files containing suspected National Security Agency tools it had earlier tried to sell.

“Is appearing you are abandoning ‘your base’, ‘the movement’, and the peoples who getting you elected,” the group wrote in broken English in a letter to President Donald Trump posted online on Saturday.

The hacker group, believed by some security experts to have Russian links, released in January an arsenal of tools that appeared designed to spy on Windows systems, after trying to to sell these and other supposedly Windows and Unix hacking tools for bitcoin.

The group had also announced its retirement, which, coming a few days before Trump’s inauguration, led to speculation that the Shadow Brokers was part of the hacking operations Russia had set up to allegedly help the new president get elected.

The group shot to prominence in August after it dumped hacking tools for routers and firewall products that it said came from the Equation Group, a cyberespionage team that is suspected to work for the NSA. The group published sample files as well as those to which it would provide the password to the winning bidder in the auction.

The U.S. attacked a Syrian government airfield last week in response to reports of an alleged chemical weapon attack by the government that killed dozens of people including children. Trump said the chemical attack had been launched from the airfield.

“Quick review of the #ShadowBrokers leak of Top Secret NSA tools reveals it’s nowhere near the full library, but there’s still so…. much here that NSA should be able to instantly identify where this set came from and how they lost it,” former NSA contractor and whistleblower Edward Snowden said in Twitter messages.

“If they can’t, it’s a scandal,” he added.

The strike on the airfield has also irked Russia, a backer of the regime of President Bashar al-Assad. The Shadow Brokers’ criticism of the move is likely to further fuel speculation that it is backed by the Russian government, though there have also been theories that its members are disguising their identity with their broken English on Twitter and in their posts to pass off as Russians.

The group on Sunday denied it was backed by Russia stating that: “If theshadowbrokers being Russian don’t you think we’d be in all those U.S. government reports on Russian hacking?” the group wrote.

The NSA could not be immediately reached for comment after business hours.

http://www.computerworld.com/category/security/index.rss