The Shadow Brokers did not respond to an emailed request for
Paul Szoldra/Business Insider
"From my perspective, it's extremely bizarre behavior," an ex-NSA hacker who spoke on condition of anonymity told Business Insider. "Most groups who either identify or trade in exploits do one of two things. If you identify, like a security research firm [does] ... they'll typically publish their findings. They're really in the best interest of the companies and users who use these products."
Earlier this week, a group calling itself the "Shadow Brokers" announced that it was selling a number of cyber weapons — auction-style — that it claimed were hacked and stolen from an alleged NSA hacking group dubbed "The Equation Group."
Aitel also doesn't think that anyone is going to actually pony up the money required to win the auction. And that prediction is probably going to be right, since WikiLeaks claims that it already has the archive.
"We had already obtained the archive of NSA cyber weapons released earlier today," its official Twitter account wrote, "and will release our own pristine copy in due course."
The source added: "In the other scenarios, folks who sort of deal in the exploit markets. They quietly sell these things. To come out with this public auction is the more bizarre variance of that that I've ever seen. So it's not clear what the intent here is."
Though this seems problematic, it's probable that the group no longer has access to the server, so it no longer cares about getting back on it. Since the files are years old, this could be the case. But it's still out of the ordinary since any claim like this can be later investigated by the victim, which will be going through everything trying to figure out who they are.
Software exploits are digital gold for hackers, since they often give a key inside a system or network that no one has ever noticed before, and thus, hasn't fixed. Which is why the marketplace for these "zero-day" exploits is so lucrative. We're talking hundreds of thousands to millions of dollars for this kind of code.
"That could have significant foreign policy consequences," Snowden wrote on Twitter. "Particularly if any of those operations targeted US allies. Particularly if any of those operations targeted elections."
Instead, the group wrote on Pastebin, a website where you can store text, that "we follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons," which immediately signals to this alleged NSA hacker group that they have a big problem.
According to ex-NSA insiders who spoke with Business Insider, the agency's hackers don't just put their exploits and toolkits online where they can potentially be pilfered. The more likely scenario for where the data came from, says ex-NSA research scientist Dave Aitel, is an insider who downloaded it onto a USB stick.
Most of the time, an exploit is either found by a security research firm, which then writes about it and reports it to the company so it can fix the problem. Or, a hacker looking for cash will take that found exploit and sell it on the black market.
"He has the same theory — the DNC hack happened. The US political people got upset. They probably made the NSA do a covert response," Aitel speculated. "This is another response to the NSA's covert response. There's a lot of sort of very public messages here going back and forth, which is interesting to look at."
If the Shadow Brokers owned the NSA's command and control server, then it would probably be a much better approach to just sit back, watch, and try to pivot to other interesting things that they might be able to find.
One of the many strange things about this incident is the very public nature of what transpired. When a hacker takes over your computer, they don't start activating your webcam or running weird programs because you'd figure out pretty quickly that something was up and you'd try to get rid of them.
The same is true for the NSA.
Besides the fact that the National Security Agency getting hacked is eyebrow-raising in itself, the leak of the data and the claim from this mystery group that it's just trying to make money don't seem to add up.
"This idea that a group of unknown hackers are going to take on the NSA seems unlikely as well," Aitel told Business Insider. "There's a long arm and a long memory to the US intelligence community, and I don't think anyone wants to be on the other end of that without good reason. I don't necessarily think a million bitcoin is a good-enough reason."
If this was some random hacking group, then it would've been better to keep their mouth shut, especially when their victim is the NSA.
Aitel seems to agree, though he criticized Snowden as being, at some level, a "voice piece" for Russian intelligence now, since he lives in asylum in Moscow.
If you ask ex-NSA contractor Edward Snowden, the public leak and claims of the Shadow Brokers seem to have Russian fingerprints all over them, and it serves as a warning from Moscow to Washington. The message: If your policymakers keep blaming us for the DNC hack, then we can use this hack to implicate you in much more.
Instead of a "hack," Aitel believes, it's much more likely that this was a more classic spy operation that involved human intelligence.
So it would make sense for a group like Shadow Brokers to want to sell their treasure trove, but going public with it is beyond strange.