“His response was to fight it with the only weapons at hand—passive resistance and open displays of contempt.” ― Kurt Vonnegut, The Sirens of Titan
This week a hacker group going by the name The Shadow Brokers has surfaced and appears to be auctioning off computer exploits it claims are stolen from the Equation Group. The Equation Group, a group of hackers believed to be operated by the National Security Agency, was named by Kaspersky after their analysis of “APT” activity leading up to 2015. According to Wikipedia:
“The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups in the world and “the most advanced … we have seen”, operating alongside but always from a position of superiority with the creators of Stuxnet and Flame”
The group that leaked the new exploit files goes by the name The Shadow Brokers and operates the Twitter account @theshadowbrokerss. Based on their Tweets, it appears that they have been preparing for this release since at least the start of August. It started with the creation of a Reddit account on the 1st of August and then over the next 13 days it appears they created accounts at GitHub, Twitter, and Imgur.
On the 13th of August they they announced the leak of this data, which stands out from other leaks because it appears to be a teaser and advertisement to promote the online auction of a larger portion of the data they got a hold of. The leak and auction announcement has been posted to various sites, including Twitter, GitHub, Tumblr, Reddit, Imgur, and Pastebin:
How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.
The data was uploaded to several sites including MEGA, which shows that it was last modified on their system on the 1st of August further suggesting they have had it for some time.
I thinks it not same. These guy not te ones it said is ones did it. I think it guys and new girl in APT G. But what I am knowing?
Everyone having part in how it getting better now. It time.