A preview of the NSA Equation Group hacking tools Shadow Brokers is selling: are they worth the splurge?

Copyright: Creative Commons license. Attribution is required; others may create derivative works based on this article, and must distribute them under the same license as the original (Creative Commons).

As early as February 2016, Kaspersky Security Labs discovered what it called the most powerful cybercrime organization in history, which it named the Equation Group; the group has been active for nearly 20 years. In August this year, the NSA's Equation Group was compromised by the hacker group Shadow Brokers, and part of the NSA's software and information was leaked. Originally, Shadow Brokers intended to sell these tools through crowdfunding. However, because the crowdfunding had little effect, Shadow Brokers decided to package the leaked tools and sell them directly.

Readers who are not familiar with these events can read the following FreeBuf articles for more information:

2016-08-16: News flash! News flash! NSA hacked, likely to become the second TheHackingTeam incident!

2016-08-28: A look at the Equation Group's "killer tool" ExtraBacon: new versions of the Cisco ASA firewall are affected too

2016-09-18: Decrypting the Equation Group's Unix backdoor NOPEN

2016-09-22: Another Equation Group 0day vulnerability exposed: over 840,000 Cisco devices affected

2016-11-02: Shadow Brokers publishes the list of countries whose servers were compromised by the NSA; China was hit hardest

2016-12-16: Shadow Brokers begins selling the NSA Equation Group hacking tools directly, don't miss out!

The NSA hack is more serious than the media describes

Before talking about Shadow Brokers, we have to talk about Grugq and Hacker House. Grugq is an independent security expert with notable achievements in information security and anti-spyware technology. Hacker House is a relatively well-known British hacker group. They have done an in-depth analysis of Shadow Brokers' intrusion into the NSA, from the severity of the incident to the tools themselves.

Grugq believes that this matter is much more complex than the media usually describes. Initially, after the leak, Shadow Brokers released all of the tools as GPG-encrypted ciphertext, along with the decryption key for the free portion. For the rest, you need to pay to get the decryption key.

After analyzing these files, Grugq concluded: "Unless you are in the NSA's private network, it is impossible to download those files." In other words, Shadow Brokers did not simply break into the network of an NSA supplier; they may well have roamed all over the NSA's internal network. The information Shadow Brokers now holds is definitely more than the media has described.

Grugq said: "Some people think that the NSA hack is related to Russia, and some people think that it is actually an internal war between the CIA (CIA) and the NSA (United States Department of Homeland Security), and that Russia has nothing to do with the hack. The argument about an internal war between the CIA and the NSA is unfounded. To use a metaphor, the CIA has always seen the NSA as the nerdy kind, and the NSA sees the CIA as a Ruff. But the two of them have one thing in common: both consider the FBI to be an idiot."

Preview and analysis of the leaked NSA tools

Shadow Brokers put all of the captured tools on the ZeroNet platform and offered them for sale. 1000 Bitcoin buys the full set, or you can choose to buy in batches. The ZeroNet platform requires a special tool to access; of course, you can also access the Shadow Brokers home page directly at bit.no.com.

Of course, 1000 Bitcoin is no joke, so what do you do if you run into a fake Shadow Brokers? After analyzing the sig file, Hacker House confirmed that it is the signature file for the screenshots in the official Shadow Brokers news release.

Immediately after obtaining the screenshots, Hacker House analyzed the list of tools and converted the Bitcoin prices into US dollars to make purchasing easier. You can download the spreadsheet from GitHub.

The table covers all the files and Shadow Brokers' asking prices. Hacker House thinks the leaked NSA material contains at least the following substantive items ("dry goods"):

Solaris remote command execution 0day

Exploit for Solaris CDE ttsession

Exploit for Solaris iPlanet mail

cPanel privilege escalation and remote command execution 0day exploit

Attacks related to Avaya telecommunications system management software

Sendmail exploit for Linux

XORG privilege escalation vulnerability

Apache local root privilege exploit (possibly; not certain)

Other unknown exploits

The list of leaked tools provided by Hacker House covers a total of 56 tools for sale: 17 labeled as unknown, 16 exploits, 13 implants, 7 toolkits, 1 RAT, 1 Trojan and 1 marked missing.

Origin blog.csdn.net/kclax/article/details/93634723