The previously-unknown Shadow Brokers created
a number of social-media accounts earlier this month on
Reddit, Github, Twitter, and Imgur, before announcing on
August 13 its "cyber weapon auction," which promised
bidders a "full state sponsor tool set" from a hacking unit
believed to be within the NSA known only as "The
In the announcement of its auction, Shadow Brokers seemed to ensure that no one would seriously consider bidding on the other half of its treasure trove, which it claims has within it software that is better than "Stuxnet" — the US-Israeli malware that destroyed Iranian nuclear centrifuges.
Josh Mayeux, a network defender, works at the US Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs, Colorado, on July 20, 2010. REUTERS/Rick Wilking
This just "shows the fraud of the whole Bitcoin angle," Schindler said.
A group calling itself the "Shadow Brokers" claimed earlier this week that it hacked into the US National Security Agency and stole an apparent treasure trove of exploits and hacking tools that it is now trying to auction off.
"This auction is one of the more bizarre things that I've ever seen in this space. People who buy and sell exploits would not just dump money into an auction," a source who used to work for the NSA's elite hacker unit, Tailored Access Operations, told Business Insider on condition of anonymity in order to discuss sensitive matters. "It kind of makes no sense."
"Sorry lose bidding war lose bitcoin and files," the group wrote.
Further, the website WikiLeaks apparently has the full archive and says that it will release its own "pristine copy in due course." WikiLeaks did not respond to an email from Business Insider asking when that release would be.
Former NSA contractor Edward Snowden offered his opinion on the underlying message behind the "auction" in a series of tweets on Tuesday, notably pointing the finger at Russia as being behind it.
"It's a smokescreen, there's nothing real about this," John Schindler, a former NSA analyst and counterintelligence officer, told Business Insider. "This is Moscow's way of upping the ante in the spy war, and sending a message no one can miss [which is] 'we have you penetrated, we've got you by the balls, don't push us.'"
That's probably why the so-called auction hasn't moved anywhere close to the group's goal of 1 million Bitcoin, or roughly $575 million. The high bid is currently 1.629 Bitcoin, a surprisingly low figure for a software package that, if it were "better than Stuxnet," would contain a number of unknown software exploits called "zero days," each of which can be sold for $100,000 or more on the black market.
Its FAQ tells bidders that they are going to lose their Bitcoin, no matter what they do. If you win the auction, you'll get the files, but if you lose the auction, you don't get the files — and you don't get your Bitcoin back.
It released a 234-megabyte archive on various file-sharing sites with one-half being free to view and use — which numerous experts say is legitimate — while the other half was encrypted. The winner of the auction, the group said, would get the decryption key.
That "smoking gun" evidence never came, though a number of US political and intelligence officials have said that the DNC hack was at the Kremlin's direction.
There's something else going on here, and it seems like it has nothing to do with a hacking group looking for cash.
The Kremlin towers and St. Basil's Cathedral in Moscow. Thomson Reuters
But experts say that this is all a smokescreen for a not-so-subtle message from Moscow to Washington: Don't mess with us.
He added: "The Russians are making a power play because they think they can right now."
How messy? According to Snowden, the fully-leaked toolkit — from 2013 — could offer insight into previous hacks carried out by the NSA, or it could be reverse-engineered to help adversaries detect them in the future. Even Schindler, the former NSA analyst who's an outspoken critic of Snowden, agrees with Snowden's finding on the overt message, though he doesn't think that leaked tools will have any significant effect on future NSA operations.
After cybersecurity firm CrowdStrike said that it uncovered two different state-sponsored Russian hacking groups inside the servers of the Democratic National Committee in June, Snowden wrote that "if Russia hacked the DNC, they should be condemned for it," and then chided the US for not releasing evidence that he believed the NSA had that would prove it.
"This stuff has all been changed," Schindler said. "Three years is a long time in cyber ops, because that's not the point. The point is to show NSA that we've got you by the balls."
But an auction for hacking tools and exploits is not something that ever happens, experts say. Instead, exploits are bought and sold on the black market for hundreds of thousands and sometimes millions of dollars, in private.
"Circumstantial evidence and conventional wisdom indicates Russian responsibility," wrote Snowden of this latest breach, adding, "This leak looks like somebody sending a message that an escalation in the attribution game could get messy fast."
"The low Bitcoin offers are pretty amusing though," Dr. Peter Singer, a strategist at the think tank New America and coauthor of "Ghost Fleet," told Business Insider in an email.
Bitcoin's Price Breaks Through Key Support As Stocks Go South
Bitcoin (BTC) has dropped out of the tight trading range seen recently, paralleling losses in the U.S. stock markets.
The leading cryptocurrency, which was trapped in a triangle pattern (narrowing
Chip Maker TSMC Forecasts Weaker Crypto Mining Demand in Q4
Chip-making giant Taiwan Semiconductor Manufacturing Company (TSMC) has predicted weak demand for processors from cryptocurrency miners for the fourth quarter.
TSMC, the primary supplier for crypto
Crypto Exchange Huobi Now Lets Users Swap Between 4 Different Stablecoins
Huobi, the Singapore-based cryptocurrency exchange, has just launched a new solution that enables users to switch between different types of fiat currency-pegged cryptocurrencies, or stablecoins, in e
Bitcoin Price Eyes Triangle Breakout Above $6.4K
Bitcoin (BTC) is again trading in a narrowing price range above $6,400, but the lateral trading may soon give way to a rally, according to technical studies.
The price consolidation comes after Mon
Security firm G4S Has Launched a Crypto Custody Service
U.K.-based security services company G4S now offers a crypto custody service aimed to protect investors' holdings of digital assets.
Announcing the move in a press release on Oct. 16, the firm said
Gates Foundation Partners With Former Ripple CTO's Blockchain Project
The Bill and Melinda Gates Foundation has partnered with blockchain startup Coil as part of its mission to provide payment services for the unbanked.
The news comes via a tweet from Miller Abel, th
Mt Gox's Bitcoin Creditors Have 4 Days to Submit Rehabilitation Claims
Clients of the defunct crypto exchange Mt. Gox must submit claims for trapped funds by Oct. 22.
As previously reported by CoinDesk, the exchange first opened up the claims process in August, follow
Crypto Exchange Coinbase Open-Sources Its Security Scaling Tool
U.S.-based cryptocurrency exchange Coinbase is making a recently developed automated security scaling tool available to the public.
Called Salus, after the Roman the goddess of safety and well-bein