Who Are the Shadow Brokers?

What is—and isn’t—known about the mysterious hackers leaking National Security Agency secrets

In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they’ve been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computer worldwide this month.

After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.

Who are these guys? And how did they steal this information? The short answer is: We don’t know. But we can make some educated guesses based on the material they’ve published.

…continue reading

4 Ways The Average Person Can Avoid Ransomware


The WannaCry ransomware has affected more than 300,000 people around the world and scared many more. While WannaCry may have been halted, incidents of ransomware in general are rising and an average tech user could easily fall victim to it. But there are some things you can do.

Maintain Good Cyber Hygiene

“You shouldn’t fear ransomware; rather, prepare for it by practicing reasonable cyber hygiene,” said James Scott, senior fellow at the Institute for Critical Infrastructure Technology.

Even if ransomware didn’t exist, every tech user should be using good cyber practices anyway. Everyone should have strong passwords and use two-factor authentication to make their passwords even stronger.

Don’t click on any suspicious links in email or on social media, especially those that use a URL shortener, Scott said.

“This is a common obfuscation tactic by malicious actors to get you to click on a ransomware or malware-infected link,” Scott said….continue reading

 

WannaCry Ransomware Decryption Tool Released; Unlock Files Without Paying Ransom

If your PC has been infected by WannaCry – the ransomware that wreaked havoc across the world last Friday – you might be lucky to get your locked files back without paying the ransom of $300 to the cyber criminals.

Adrien Guinet, a French security researcher from Quarkslab, has discovered a way to retrieve the secret encryption keys used by the WannaCry ransomware for free, which works on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 operating systems….continue reading

 

“ShadowBrokers” Hacking Group Launches Subscription Service Selling Nuclear Secrets

The hacking group known as ‘The Shadow Brokers’ is pushing a monthly subscription service offering members top secret information including “compromised network data” from the nuclear and ballistic missile programs of Russia, China, North Korea and Iran.

https://www.rt.com/viral/388717-shadow-brokers-monthly-subscription/video/

As a reminder, we have noted in the past, many security experts believe the Equation Group is the National Security Agency, and that the Shadow Brokers may be part of a psychological operations campaign run by Russian intelligence.

Shadow Brokers first emerged last August, offering to auction hacking exploits it said were used by the NSA’s elite hacking team known as Equation Group (officially named Tailored Access Operations). NSA whistleblower Edward Snowden and others confirmed the leak was authentic.

In December, Shadow Brokers cancelled its auction and offered to sell the exploits.

In April, the group released passwords to the rest of the hacking exploits in a move described as a protest against President Donald Trump for abandoning his base.

The release included a Windows SMB [Server Message Block] exploit, EternalBlue, which was leveraged in the recent WannaCry global ransomware attack.

In its Tuesday blog post, the group expressed its surprise that governments or tech companies didn’t bid in its past auctions.

It said is has always been about “the shadowbrokers vs theequation group,” and implied the NSA is a cohort of tech companies like Microsoft….continue reading

 

#WannaCry Ransomware Exposed As A False Flag Attack On Bitcoin

In this video, software and blockchain developer Vin Armani examines the WannaCry ransomware that the corporate media acted like it was the end of the world. Ultimately it appears to be an amateurish false flag attack on bitcoin. But upon digging into the bitcoin addresses used in the attack, Vin discovers a potentially much more nefarious attack on bitcoin.

Source: #WannaCry Ransomware Exposed as a False Flag Attack on Bitcoin

Cyber Attacks Are The Perfect Trigger For A Stock Market Crash

The world has been stunned over the past few days by the advent of “Ransomware;” the use of sophisticated cyber attacks on vital systems in order to (supposedly) extort capital from target businesses and institutions. I am always highly suspicious whenever a large scale cyber incident occurs, primarily because the manner in which these events are explained to the public does not begin to cover certain important realities. For example, the mainstream media rarely if ever discusses the fact that many digital systems are deliberately designed to be vulnerable.

Software and internet corporate monoliths have long been cooperating with the NSA through programs like PRISM to provide government agencies backdoor access to computer systems worldwide. Edward Snowden vindicated numerous “conspiracy theorists” in 2013 with his comprehensive data dumps, exposing collusion between corporations and the NSA including Microsoft, Skype, Apple, Google, Facebook and Yahoo. And make no mistake, nothing has changed since then.

The level of collusion between major software developers and the establishment might be shocking to some, but it was rather well known to alternative analysts and researchers. The use of legislation like the Foreign Intelligence Surveillance Act (FISA) to skirt Constitutional protections within the 4th Amendment has been open policy for quite some time. It only made sense that government agencies and their corporate partners would use it as a rationale to develop vast protocols for invading people’s privacy, including American citizens….continue reading

 

Another Large-Scale Cyberattack Underway: Experts

A global cybersecurity firm has warned that another large-scale, stealthy cyberattack is underway on a scale that could dwarf last week’s assault on computers worldwide.

 

Another large-scale, stealthy cyberattack is underway on a scale that could dwarf last week’s assault on computers worldwide, a global cybersecurity firm told AFP on Wednesday.

The new attack targets the same vulnerabilities the WannaCry ransomware worm exploited but, rather than freeze files, uses the hundreds of thousands of computers believed to have been infected to mine virtual currency.

Following the detection of the WannaCry attack on Friday, researchers at Proofpoint discovered a new attack linked to WannaCry called Adylkuzz, said Nicolas Godier, a researcher at the computer security firm.

“It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a more stealthy manner and for a different purpose,” he said.

Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to “mine” in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus….continue reading

%d bloggers like this: