New Snowden docs suggest Shadow Broker leak was real

Looks like those actually are the NSA's hacking tools up for auction.

On Monday, a group of hackers calling themselves the Shadow Brokers put up for sale a number of cyber-espionage tools reportedly stolen from the NSA-associated hacking outfit the Equation Group. Edward Snowden has already publicly speculated that the intrusion and theft were actually just another salvo in the ongoing Digital Cold War between the US and Russia. However, nobody was 100 percent certain that the tools for sale really were NSA property. Now, Snowden has released documentation to The Intercept that suggests the tools really are what the Shadow Brokers say they are.

Specifically, Snowden has released a classified Top Secret agency manual for implanting malware. That manual instructs agents to track their malware deployments using the character string "ace02468bdf13579", which, as it happens, appears in 14 places throughout the code of SECONDDATE, a program that the Shadow Brokers leaked. SECONDDATE is a tool used to infiltrate and monitor network activity using an exploit on vulnerable network routers, allowing the NSA to run "man in the middle attacks" against targeted computers. It reportedly even works against encrypted wireless signals.

The danger here isn't just that the monitoring tool is publicly available, which puts any user with a vulnerable router at risk; there's also the issue that the Shadow Brokers were successful in the first place. The fact that they were able to covertly breach a supposedly secure NSA staging server and abscond with dozens of the agency's prized hacking tools -- without being immediately caught -- must mean that the group (and whoever is bankrolling them) possesses exploits that the US cannot currently defend against.

There are serious political and diplomatic implications as well. As Snowden argued earlier this week, the entire hack reeked of state sponsorship. It could very well be interpreted as a warning shot from Russia. Should the US dig too deep or rattle its saber too loudly over the DNC leak, the Russians would be able to show that America is just as guilty of cyber-spying -- perhaps even against its own allies. While nobody has been able to conclusively prove that Russia is behind the attack, both its timing and target remain highly suspect.
