
Ghost hackers: the cybersecurity mystery no one has solved


Throughout the history of hacking, there have been many breaches that, years or decades later, remain unsolved. Countless hackers and hacking groups behind them have never been exposed.

But many hacking groups do get caught. This is true even of cybercriminals like LAPSUS$, the notorious extortion group that disrupted companies such as Microsoft and Nvidia and saw several of its members arrested, and of top Russian and Chinese government groups, whose members have been named, indicted, and placed on most-wanted lists.

However, some of the most interesting cases in the history of cybersecurity remain open – no culprits, no answers, and in some cases, no clear motive. We decided to revisit a few of them in a series of articles, starting with one of the most remarkable leaks in the history of intelligence.

First up: the Shadow Brokers – a mysterious group that appeared on the Internet, dumped hacking tools believed to belong to the NSA, and then disappeared.

In the summer of 2016, amid Russian hacks related to the US presidential election, the group appeared on Twitter. They linked to a Pastebin post and @-mentioned a few news outlets – an odd, ineffective approach, meaning many of those outlets probably never saw the tweets.

But if someone had clicked on the link, they would have seen a document titled “Equation Group Cyber Weapons Auction – Invitation” – a reference to a hacking operation believed to be run by the NSA.

The hackers wrote that they had hacked the Equation Group.

A preview of the Shadow Brokers’ first tweets. Image credit: TechCrunch

The document contained links to download hacking tools, as well as a link to download an encrypted file that interested buyers could bid on. “Files sell better than Stuxnet,” they wrote, referring to the infamous malware used against Iran’s nuclear program in a US-Israeli cyberattack in 2007. They asked for at least 1 million Bitcoin.

The leak quickly attracted media attention. After security researchers analyzed the tools, they realized these were sophisticated hacking tools that may have been stolen from the NSA – suspicions fueled by the fact that some shared names with programs revealed by NSA whistleblower Edward Snowden.

The sale appears to have been a sham, because a few months later the group publicly dumped many of the tools. The details of the Shadow Brokers are unclear. Their broken English was almost comical, as if they were trying too hard, or deliberately, to obscure their origins. Despite seeking attention – and getting a lot of press coverage – the group only spoke to a reporter once, giving a brief interview to 404 Media’s Joseph Cox, then a reporter at VICE Motherboard.

Ten years later, we still don’t really know who was behind the Shadow Brokers persona. Cox and I asked former NSA employees at the time, who said an NSA insider or former insider may have been behind it. But no one was ever arrested and charged – surprising, as this was one of the worst US intelligence leaks ever.

One of the suspects was Harold T. Martin III, an NSA contractor who was arrested for stealing classified information from the agency. But the theory is flawed: while Martin was in prison, the Shadow Brokers remained active online. No charges have been filed in connection with the leak. The most popular theory is that the Shadow Brokers persona was created by a Russian government espionage group as a propaganda tool.

The consequences were huge. Among the tools they released, the Shadow Brokers published EternalBlue – a set of zero-day exploits targeting Windows that allowed hackers to break into computers on a compromised network, escalate their access, and install self-propagating worms. (A zero-day is a bug the developer is not aware of, meaning no patch is available.) North Korean hackers used EternalBlue to release the WannaCry ransomware worm. Russian hackers used it too, for NotPetya, which spread far beyond its intended targets in Ukraine and cost about $10 billion worldwide. For businesses, the lesson was simple: exploits stockpiled by intelligence agencies don’t stay private forever – and when they get out, private companies pay the price.

The leak is still yielding information. Among the dumped tools were lists of project names – including one called Fast16, whose entry simply read “NO TRUTH HERE – CONTINUE.” Last month, researchers announced that they had found and analyzed it: a piece of malware from 2005, designed to compromise software allegedly used by Iran’s nuclear scientists.
