It’s an embarrassing breach and should have never happened. It is a dump of tools used by NSA agents in the field, akin to the image of the TSA master keys used to create 3D printed copies. Owning these files on your computer, however, could suggest to a foreign power that you are part of the NSA’s nefarious schemes, a slight concern when crossing borders.
The files don’t appear to contain any identifying data nor do they clearly point to any single agent in the field. The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. The hackers have received a little over a bitcoin in their online wallet and no one has come forward to pay for the “best files.”
As for the auction the Equation Group will release the files to the highest bidder and they promise the files are “better than stuxnet,” a virus used to slow down Iran’s nuclear enrichment programs. Snowden suggests that all of these files were on a staging server somewhere within the Equation Group servers and by admitting they scoured the Group’s “source range” we learn that the Shadow Brokers found one Equation Group server and methodically tried IP addresses in that range. While a folder of files isn’t as exciting as, say, a whirring, clicking magic hacking machine we’d see in the movies, this is the stuff an agent would download, use, and delete when trying to take control of a server. These are, however, the files that an NSA agent would use if they were trying to hack your server. Without training, however, it is not clear if any of the files are particularly dangerous on their own. Some of the files – BANANAGLEE, for example – appeared in the leaked Snowden files which suggests the files are real and sourced from the NSA’s own servers. The “free” files are all dated from the Summer of 2013 which suggests they aren’t completely up to date and they contain fairly innocuous-looking tools with ominous names like “eligiblebombshell” and “escalateplowman.” Most of these are human-readable and written in Python or shell script although there are some compiled binaries. These are hacking tools including RATs – or remote access Trojans – and exploits designed to attack web and file servers.
What Does It Mean?
First, we need to understand what these files are and what they do.
Snowden suggests that the hackers were Russian although the simplistic grammar above could be a cover. But not all, we are auction the best files.
This is good proof no? You enjoy!!! You break many things. We give you some Equation Group files free, you see. We find many many Equation Group cyber weapons.
Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. How much you pay for enemies cyber weapons? Not malware you find in networks.