The Shadow Brokers did not respond to an emailed request for
Paul Szoldra/Business Insider
"From my perspective, its extremely bizarre behavior," an ex-NSA hacker who spoke on condition of anonymity told Business Insider. "Most groups who either identify or trade in exploits do one of two things. If you identify, like a security research firm [does] ... they'll typically publish their findings. They're really in the best interest of the companies and users who use these products."
Earlier this week, a group calling itself the "Shadow Brokers" announced that it was selling a number of cyber weapons — auction-style — that it claimed were hacked and stolen from an alleged NSA hacking group dubbed "The Equation Group."
National Security Agency
Aitel also doesn't think that anyone is going to actually pony up the money required to win the auction. And that prediction is probably going to be right, since WikiLeaks claims that it already has the archive.
"We had already obtained the archive of NSA cyber weapons released earlier today," its official Twitter account wrote, "and will release our own pristine copy in due course."
The source added: "In the other scenarios, folks who sort of deal in the exploit markets. They quietly sell these things. To come out with this public auction is the more bizarre variance of that that I've ever seen. So it's not clear what the intent here is."
Though this seems problematic, it's probable that the group no longer has access to the server, so it no longer cares about getting back on it. Since the files are years old, this could be the case. But it's still out of the ordinary since any claim like this can be later investigated by the victim, which will be going through everything trying to figure out who they are.
Software exploits are digital gold for hackers, since they often give a key inside a system or network that no one has ever noticed before, and thus, hasn't fixed. Which is why the marketplace for these "zero-day" exploits is so lucrative. We're talking hundreds of thousands to millions of dollars for this kind of code.
"That could have significant foreign policy consequences," Snowden wrote on Twitter. "Particularly if any of those operations targeted US allies. Particularly if any of those operations targeted elections."
Instead, the group wrote on Pastebin, a website where you can store text, that "we follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons," which immediately signals to this alleged NSA hacker group that they have a big problem.
According to ex-NSA insiders who spoke with Business Insider, the agency's hackers don't just put their exploits and toolkits online where they can potentially be pilfered. The more likely scenario for where the data came from, says ex-NSA research scientist Dave Aitel, is an insider who downloaded it onto a USB stick.
Most of the time, an exploit is either found by a security research firm, which then writes about it and reports it to the company so it can fix the problem. Or, a hacker looking for cash will take that found exploit and sell it on the black market.
"He has the same theory — the DNC hack happened. The US political people got upset. They probably made the NSA do a covert response," Aitel speculated. "This is another response to the NSA's covert response. There's a lot of sort of very public messages here going back and forth, which is interesting to look at."
If the Shadow Brokers owned the NSA's command and control server, then it would probably be a much better approach to just sit back, watch, and try to pivot to other interesting things that they might be able to find.
One of the many strange things about this incident is the very public nature of what transpired. When a hacker takes over your computer, they don't start activating your webcam or running weird programs because you'd figure out pretty quickly that something was up and you'd try to get rid of them.
The same is true for the NSA.
Beside the fact that the National Security Agency getting hacked is eyebrow-raising in itself, the leak of the data and the claim from this mystery group that it's just trying to make money doesn't seem to add up.
"This idea that a group of unknown hackers are going to take on the NSA seems unlikely as well," Aitel told Business Insider. "There's a long arm and a long memory to the US intelligence community, and I don't think anyone wants to be on the other end of that without good reason. I don't necessarily think a million bitcoin is a good-enough reason."
If this was some random hacking group, then it would've been better to keep their mouth shut, especially when their victim is the NSA.
Aitel seems to agree, though he criticized Snowden as being, at some level, a "voice piece" for Russian intelligence now, since he lives in asylum in Moscow.
If you ask ex-NSA contractor Edward Snowden, the public leak and claims of the Shadow Brokers seem to have Russian fingerprints all over them, and it serves as a warning from Moscow to Washington. The message: If your policymakers keep blaming us for the DNC hack, then we can use this hack to implicate you in much more.
Instead of a "hack," Aitel believes, it's much more likely that this was a more classic spy operation that involved human intelligence.
So it would make sense for a group like Shadow Brokers to want to sell their treasure trove, but going public with it is beyond strange.
Analysis: What 2019 Could Bring for Bitcoin
Trading in altcoins was a big part of what made Bitcoin price spike towards the end of 2017. A section of the crypto space argues that while altcoins helped Bitcoin’s market cap swell, they also bro
Bitcoin Cash Going Down as Stellar Warms up
Bitcoin Cash’s market cap has been cut in half since the Nov. 15 hardfork which birthed the Bitcoin ABC and Bitcoin SV chains. Now at a mere $3.5 bln and a unit price of ~$201 as at the time of writ
300k User Data from Chinese Auto Finance Platform Sold For One Bitcoin on Dark Web
It is revealed that 300,000 pieces of user data from a Chinese auto finance platform Jiurong were compromised and priced at one bitcoin on the dark web.
According to the leaked data posted, persona
Heyday of Bitcoin Mining Rigs Business at China’s Huaqiangbei is Over Amid Crypto Market Carnage
Bitcoin price slumped to a 13-month low of about $4,300 on Wednesday, making mining the world’s leading digital currency an unprofitable business. A lot of mall miners, mining rigs dealers and minin
Dialogue with Bitcoin Evangelist in Latin America: RSK Labs CEO Diego on Crypto Industry
Diego Gutierrez is the CEO at Koibanx and president of Bitcoin Argentina NGO. In addition, Diego also serves as the CEO of Rootstock/RSK Labs, a smart contract platform built on top of bitcoin.
China’s Bitcoin Billionaire Zhao Dong : Bitcoin Price to Hit $50,000 in Three Years—Now Is the Time to Buy the Dip
Despite Bitcoin’s latest crash and a real chance that its price will go much lower, Zhao Dong, prominent Chinese OTC trader and founder of Dfund, remains bullish on the the world’s biggest cryptoc
Bitcoin Miners Sold by Kilo in China Amid Cryptocurrency Crash
The leading cryptocurrency bitcoin once fell below $4,300 on the afternoon of November 20 – down more than 17% on a 24-hour basis and hitting a 13-month low since October 2017. Great losses are seen
Xiao Lei: 3 Main Reasons of the “Unreasonable” Bitcoin Price Crash
Cryptocurrency markets experienced a havoc in the past few days. Bitcoin, the uncrowned king in the crypto world, has fell as much as 30% over the past two weeks, while other major tokens are all suff