Shadow Brokers, the hacking group that claimed to have cracked a server containing a trove of US intelligence hacking tools and put them up for sale in an auction that attracted no bids, has returned with the release of more tools it claims were created by the US National Security Agency.
It comes just months after the group wound up its auction, released 58 tools free and promised to release the entire portfolio of hacking tools to anyone for a total of 750 bitcoin – about £500,000 – at the time.
The release was made this weekend and announced in a blog posting in an open letter addressed to President Trump, proclaiming the group’s support for Trump. It comes after a US air strike on Syria following allegations of a gas attack by Syrian government forces in north-western Syria.
In the long, rambling letter, entitled “Don’t forget your base”, the Shadow Brokers denied suggested links between them and Russian intelligence.
“If the Shadow Brokers [are] Russian don’t you think we’d be in all those US government reports on Russian hacking? The Shadow Brokers [aren’t fans of Russia or Putin but “The enemy of my enemy is my friend”. We recognise Americans having more in common with Russians than Chinese or Globalist or Socialist.
“Russia and Putin are nationalist and enemies of the Globalist. Examples: NATO encroachment and Ukraine conflict. Therefore Russia and Putin are being best allies until the common enemies are defeated and America is great again.”
The files released by the Shadow Brokers group have been uploaded to Github. The files include a zero-day exploit of Oracle’s Solaris Unix operating system, a tool linked with Equation Group – a suspected NSA front – that mimics a Chinese web browser, and evidence of the NSA’s compromise of Pakistan’s Mobilink mobile network.
More details will almost certainly emerge as security specialists analyse the various tools and documents.
The return of Shadow Brokers comes as Wikileaks continues to release more information about alleged US intelligence hacking tools, although most of the information so far has proven to be out of date.
Join Computing in London on 4 May for the Cyber Security Strategy Briefing 2017 for the Financial Sector.
Speakers include Adam Koleda, IT director of insurance firm BPL Global; Peter Agathangelou, associate director of Hamilton Fraser Insurance; and, Dr Kuan Hon, consultant lawyer at law firm Pinsent Masons.
Attendance is free to qualifying IT professionals and IT leaders – register now!
Save this article