Group Claims To Auction Files From NSA-Related Equation Group
A group called ‘Shadowbrokers’ claims to be in possession of files belonging to the Equation Group. The Equation Group is suspected of being associated with the American NSA. The Shadowbrokers are organizing an auction for the files.
The auction announcement is on a GitHub page. In very poor English, the Shadowbrokers say that they have been able to gain access to files of the Equation Group. They also write that they are making some of the stolen files available for free as a form of evidence, but that ‘the best files are kept for auction’. The tools are said to be ‘better than Stuxnet’.
According to the instructions, participants in the auction must send bitcoins to a specific address. Apparently no one has done this yet. The group points out that contact details should be added to the transaction in an OP_RETURN opcode. Whoever has sent the highest amount after an undisclosed amount of time will then be sent the decryption keys for the files.
The free files are located in a folder called “Firewall” which is divided into other folders. The file structure can be seen in a Pastebin post. One of the folders is named “bananaglee,” which is the name the NSA gave to an exploit for Juniper NetScreen devices. Other directories have names like ‘scripts’ and ‘tools’.
The chance that the Shadowbrokers’ action is a hoax is considerable. If they did indeed gain access to the Equation Group, there are many other ways to monetize the files. The auction procedure, among other things, also raises a number of questions. Until an analysis of the available files has taken place, little can be said about the authenticity of the Shadowbrokers’ claims.
The Equation Group was identified by Kaspersky in 2015 as a group “which in complexity and knowledge exceeds anything known to date, and which has been active for twenty years”. According to the security company, the group uses so-called advanced implants, with which they infiltrate targets. There were also indications that the Equation Group has ties to the people behind the Stuxnet malware and its variants Duqu and Flame. A former NSA operative confirmed to Reuters at the time that Kaspersky’s analysis was correct. At the time, the group was believed to have ties to the NSA.
A screenshot of the folder structure of the free files