Who Are the Shadow Brokers?

What is—and isn’t—known about the mysterious hackers leaking National Security Agency secrets

In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they’ve been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computer worldwide this month.

After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.

Who are these guys? And how did they steal this information? The short answer is: We don’t know. But we can make some educated guesses based on the material they’ve published.

…continue reading

Russians Helping Trump Win Is Never Explained

Hey, Media Matters, I’m talking to you! Help me out, here, willya’?

Actually, I’ll talk to anyone, listen to anyone. You’ll find my email address at the bottom of this column, so hit me up. I’m asking — no, begging — you to write me and answer this one simple question: How did the Russians help Donald Trump become President Trump?!

 I’ve heard some talk around the edges of an answer: One version says Russian President Vladimir Putin helped facilitate the hacking of the Democratic National Committee (but now we’re hearing a DNC employee gathered up thousands of emails). Yet the subsequent release, the story goes, of those hacked emails — highly embarrassing to the Hillary Clinton campaign — may have hurt her standing in the minds of American voters.

Hence, President Trump. But is that it? Is that the whole thing?!

Forget that Julian Assange of WikiLeaks, which released the damning emails, has repeatedly said that the Russians were not involved. Of course, he would know, but OK, maybe he’s lying. And forget that the emails really just showed how Team Hillary and the DNC colluded to take out upstart foe Sen. Bernie Sanders in nefarious (and pretty disgusting) ways, and to show how petty and vindictive Clinton staffers are….continue reading

 

Hackers Unleash Second NSA-Developed Cyber-Weapon On Dark Web

While a second variant of the WannaCry(pt) ransomware (based on NSA’s EternalBlue exploit) was spreading across the globe yesterday, The FT reports criminal hacking groups have repurposed a second classified cyber weapon stolen from US spies and have made it available on the so-called dark web.

On Monday, the WannaCry attack, which hit 370,000 computers across 150 countries, appeared to slow. Europol, the European police agency, said the spread of the virus had stalled in Europe. But while infection rates have slowed, a Europol spokeswoman warned, “we do not think this is the end of the crisis. The hackers have already evolved the malware, and will probably continue to do so.”

Notably as Europe woke up (and US opened), the infection rate started to rise once again…

But as The FT reports, intelligence and law-enforcement officials said they fear WannaCry may foreshadow a wave of similarly damaging attacks, as criminals and others race to make use of digital weapons that for years were only available to the most technologically sophisticated nation states.

At least a dozen other NSA tools are currently being discussed and worked on as the basis of potential new cyber weapons on hacking forums on the dark web, parts of the internet not accessible via normal search engines.

The hacking tool, developed by the US National Security Agency and called EsteemAudit, has been adapted and is now available for criminal use, according to security analysts.

As with the NSA’s EternalBlue, the tool on which WannaCry was based, EsteemAudit exploits a vulnerability in older versions of Microsoft’s Windows software in the way in which networked machines communicate with each other.

Ciaran Martin, director of the UK’s National Cyber Security Centre, said:

“There is a global ecosystem of cyber criminals and sophisticated hackers which are putting a lot of attack methodology into open-source.

“It gets modified and reused and upgraded. The volume of open-source exploits and that ecosystem are getting bigger.”

This is far from over.

Source: Hackers Unleash Second NSA-Developed Cyber-Weapon On Dark Web

Government Created The Hacking Epidemic, They Aren’t The Solution

The “WannaCry” Malware attack that spooled out over the end of last week and into the weekend, implicates two sides of this problem. The government created the new hacking epidemic, yet are presenting themselves as a solution to it. Both of those “problems” should not be taken lightly either.

If this is the first time you’ve heard of “WannaCry”, you’ll be interested in knowing that the ransomware allegedly originated from vulnerabilities and infiltration tools developed by the National Security Agency (NSA). This little tidbit of information is largely ignored by government worshippers who seek an immediate solution caused by the government. Not only that, but the NSA had been hoarding and keeping secret from technology companies whose defenses they were breaching.  All of this secrecy was to facilitate the NSA’s ability to engage in cyber espionage and to prevent technology companies from building defenses that would have inhibited government surveillance. But then, the NSA lost control of these infiltration tools and the government agency was publicly exposed by the hacker group known as the “Shadow Brokers” last month.

Yet, not many pointed the finger at the government, when it was entirely their fault for lying to and hacking into technology companies in the first place, and creating the tools with which to commit this type of cyber espionage….continue reading

 

%d bloggers like this: