Suspected NSA tool hackers dump more cyberweapons in farewell

The Shadow Brokers dumped the hacking tools online after attempting to sell a large cache for bitcoin

The hacking group that stole cyberweapons suspected to be from the U.S. National Security Agency is signing off -- but not before releasing another arsenal of tools that appear designed to spy on Windows systems.

On Thursday, the Shadow Brokers dumped them online after an attempt to sell these and other supposedly Windows and Unix hacking tools for bitcoin.

The Shadow Brokers made news back in August when they dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.

Those tools contained several previously unknown and valuable exploits, lending credibility to the hacking group's claims, according to security researchers.  

The Shadow Brokers' latest dump includes 61 files, many of which have never been seen by security firms before, said Jake Williams, founder of Rendition InfoSec, a security provider.

He’s been examining the tools, and said it’ll take time to verify their capabilities. His initial view is that they’re designed for detection evasion.  

For instance, one of the tools is built to edit Windows event logs. Potentially, a hacker could use the tool to selectively delete notifications and alerts in the event logs, preventing the victim from realizing they’ve been breached, he said.

“If you simply remove a record or two, then even an organization that is following the best security practices, presumably, wouldn’t notice the change,” he said.

On Thursday, the Shadow Brokers said they released the Windows hacking tools for free because a Kaspersky Lab’s antivirus product could already flag them as harmful.

The clandestine group previously tried to auction off a whole set of hacking tools for 1 million bitcoins or what was at the time US$584 million. But after several months, that auction only managed to generate 10 bitcoins.

“Despite theories, it always being about bitcoins for TheShadowBrokers,” the group said in broken English in their supposed final message.

However, Williams believes the Shadow Brokers are likely spies working for the Russian government. This latest dump was a message to the U.S, he said.

Williams points to the timing. In recent weeks, U.S. intelligence agencies have been claiming the Kremlin tried to influence the U.S. election. Based on those findings, President Barack Obama has already ordered sanctions against Russia and vowed covert action.

“If they are Russian, this is a shot across the bow,” Williams said.

It’s unclear how the Shadow Brokers managed to steal the hacking tools. But they claim to have many more in reserve. The group has said their arsenal of supposed Linux and Windows-based hacking tools is still up for sale at 10,000 bitcoins.

On Thursday, Microsoft said it's investigating this latest batch of hacking tools that have been released. 

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Brand Post

PC World Evaluation Team Review - MSI GT75 TITAN

"I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it."

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?