>Some of the most powerful espionage tools created by the National Security Agency’s elite group of hackers have been revealed in recent days, a development that could pose severe consequences for the spy agency’s operations and the security of government and corporate computers.
>A cache of hacking tools with code names such as Epicbanana, Buzzdirection and Egregiousblunder appeared mysteriously online over the weekend, setting the security world abuzz with speculation over whether the material was legitimate.
>The file appeared to be real, according to former NSA personnel who worked in the agency’s hacking division, known as Tailored Access Operations (TAO).
>“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”
well, now we can all get Hillary's mail if we want!
Sebastian Russell
Snowden for Trump's Director of National Security.
Isaac Gonzalez
Don't let it slide.
Gavin Green
is there a download link to these tools?
Angel Cook
sounds like the usual hacking news of the week
Jaxon Lewis
there was one in the last thread, but i guess it's deleted
Elijah Thompson
checked
these threads kind of disappeared, but it's confirmed that it's real
everyone that has been following this since the toolkit was first known years ago, recognizes the filenames and stuff from screenshots leaked earlier
there are no new bids on the Blockchain, only 1.6 btc so far, kek i guess we wait until something happens
Jack Hughes
(((Github))) took it down, but Wikileaks grabbed a copy. They are cleaning them up and posting them soon.
It's the biggest leak of hacking tools ever. The code and methods in these tools will be used to attack networks for years.
Daniel Williams
RIP Edward Snowden
press F to pay respects
Mason Gray
someone got info on how much they got in the auction at the moment?
Nathaniel Evans
>post links and information including names of said programs on sites where people pretend to be hackers and activists to ensure downloads
>retards download tools full of Malware and Spyware
>welcometothebotnet.png
>herrrderr deese is beddah den LIOC let's bwing down gubmint
>government uses Americans as patsies to their war crimes
>"dey stolt the toolz, dey did it, nawt usssss"
>herrrderr Snowden Mai hewooooo
>lel tepkak amirite fellow legion members!?!?!?!?!?!?
Massive faggotry.
Samuel Cox
bump
Grayson Jones
i don't think you understand what just happened at all
read into the matter, it starts with a USB stick found in a parking lot in Iran
Matthew Bailey
securelist.com/blog/incidents/75812/the-equation-giveaway/
Kaspersky Team:
>Comparing the older, known Equation RC6 code and the code used in most of the binaries from the new leak we observe that they are functionally identical and share rare specific traits in their implementation. , this specific RC6 implementation has only been seen before with Equation group malware. This code similarity makes us believe with a high degree of confidence that the tools from the ShadowBrokers leak are related to the malware from the Equation group.
businessinsider.my/is-shadow-brokers-nsa-leak-real-looks-legitimate-experts-equation-group-hack-russia-2016-8/
>Security researcher Nicholas Weaver wrote that “because of the sheer volume and quality, it is overwhelmingly likely this data is authentic. And it does not appear to be information taken from comprised systems. Instead the exploits, binaries with help strings, server configuration scripts, 5 separate versions of one implant framework, and all sort of other features indicate that this is analyst-side code — the kind that probably never leaves the NSA.”
motherboard.vice.com/read/what-we-know-about-the-exploits-dumped-in-nsa-linked-shadow-brokers-hack
>In all, he lists 39 different exploits, tools, implants or modules.
>EXTRABACON exploit versions of Cisco. The security researcher known as XORcat tested the EXTRABACON exploit, and confirmed that, once successful, an attacker is able to connect to a firewall without needing to enter a valid password or username. Nicholas Weaver, senior researcher tweeted that EXTRABACON was a zero-day exploit
>Other exploits have been confirmed as legitimate and working too. Security researcher Kevin Beaumont reported on Twitter that an exploit for Fortinet firewalls worked
>downloading NSA-level tools to a VM thinking you're safe
kek
Parker Long
Soooo... What does this mean for regular people
Ethan Rodriguez
>"hacking group" announces they got a shitload of NSA tools
>just give us some money goyim, anonymously, and we promise you can have them
>nobody buys it, bitcoin bids only reach a few hundred coins
>snowden suddenly comes back out of nowhere to explain these tools are totes legit and where they came from and blames russia for the DNC hacks like the cuck he is
>~1600 bitcoins bid, still nobody interested
>Now official but unofficial NSA "hackers" come out of the woodworks to claim the tools are totes legit, surely not to try and legitimize the tools and get people to bid for them, no sir
I know a honeypot when I fucking see one
Also this confirmed for me that Snowden's still working for the US government in some capacity and is nothing more than a high-profile agent with a good cover story.
Nathan Ward
Some people sell tools for Mass destruction for 1.mio Bitcoins
Kayden Kelly
>EXTRABACoN
Jesus fucking Christ is this real life??? Do we even have defenses against shit like that? Does that mean a hacker could shut down entire WANs without even trying? Fuck me, dude.
There were speculations about some kind of killswitch for banks ...
Ryder Thomas
>firewall 0days
Full traffic monitoring
Nothing serious imo
Angel King
programs can already get through vms you retard, if microsoft can engineer that sort of thing you can bet your ass the NSA can do it
Easton Jones
Wikileaks wrote on twitter they will re-release the files after cleaning them up (I'm not sure whether they meant malware or noise files), just keep an eye on their tweets.
David Allen
Stuxnet x cryptolocker made for financial systems is one of the items at the auction
github.com/nneonneo/eqgrp-free-file
>This repository contains the decrypted and decompressed contents of the eqgrp-free-file.tar.xz file released by "The Shadow Brokers".
useless firewall/router backdoors that only work if the admin left the default router password (which no one does.)
Austin Murphy
>uses the word totes
Opinion discarded
Connor Martin
that would be so fucking awesome! Imagine the opportunities
Mason Carter
The Equation Group (EG) is responsible for hyper-advanced malware like Stuxnet, Duqu/Flame, and Strider/Project Sauron. These viruses are the most advanced pieces of software ever discovered by top antimalware labs such as Kaspersky. They can target industrial systems, oil pipelines, and nuclear facilities.
>youtube.com/watch?v=7g0pi4J8auQ
Nobody in the Information Security (infosec) sector actually wants to call EG out on being the NSA because, well, it’s the fucking NSA. But everyone knows it.
A hacker group going by the name Shadow Brokers (SB) have hacked the NSA and released many free exploits to the world, not least among them being a backdoor to Cisco routers. The metadata on these files dates back to 2013, the same time as the Snowden leaks. Snowden and Wikileaks have confirmed these exploits (hacking tools) as legitimate. The release was on Github, but has since been taken down.
>web.archive.org/web/20160815155959/https://github.com/theshadowbrokers/EQGRP-AUCTION/
>But they can’t even type English right
The NSA has software which can identify a person’s writing style as if it were their fingerprint or iris. SB probably used a program like Anonymouth to defend against that.
Do not run anything in this leak unless you know what you are doing.
It has been theorized that TWAIN (something on almost every system) may be a massive backdoor:
>SB specifically mentioned SWIFT. It seems that they have been sitting on this for awhile. There seems to be some connection to TWAIN software which is used on scanner/printers. I wonder if there is any connection?
wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/
A printer “error” helped Bangladesh Bank discover the heist. The bank’s SWIFT system is configured to automatically print out a record each time a money transfer request goes through. The printer works 24 hours so that when workers arrive each morning, they check the tray for transfers that got confirmed overnight. But on the morning of Friday February 5, the director of the bank found the printer tray empty. When bank workers tried to print the reports manually, they couldn’t. The software on the terminal that connects to the SWIFT network indicated that a critical system file was missing or had been altered. When they finally got the software working the next day and were able to restart the printer, dozens of suspicious transactions spit out.
Threads from yesterday
Christian Rogers
suck muh totes
William Ortiz
Good morning, lads. Posted everything relevant I know from yesterday + an article from today that sums most of it up nicely.
Logan Mitchell
money.cnn.com/2016/05/24/news/swift-bank-hack-ceo/
>The head of the network that connects the world's banks has issued a warning: Hackers will strike again, and they could bring down a bank.
>Fraudulent messages were sent via SWIFT to initiate cash transfers from accounts at larger banks.
>If hackers are able to break into a weaker bank, they can fabricate transfer requests in order to pull money out of a bigger bank.
bloomberg.com/news/articles/2016-05-26/swift-hack-probe-expands-to-up-to-dozen-banks-beyond-bangladesh
>as many as 12 banks linked to Swift’s global payments network that have irregularities similar to those in the theft of $81 million from the Bangladesh central bank
>the biggest known cyber-heist in history, suggests a broad and serious campaign to breach the international financial system.
>Swift’s CEO, “This is a big deal, and it gets to the heart of banking,” “Banks that are compromised like this can be put out of business.”
Joseph Collins
>leaf
Adrian Rodriguez
Thanks, didn't have those in my document.
Brody Clark
So hackers are selling a really expensive super secret hacker thing for almost a billion dollars and and now some hackers that have connections to the global elite are shilling for this product?
Brayden Campbell
Reminder that Snowden ded
Wyatt Baker
Yeah, but it's connected
>Last year, Kaspersky Lab researchers described Equation Group as one of the world's most advanced hacking groups, with ties to both the Stuxnet and Flame espionage malware platforms.
You could write a worm that took down the core of the Internet. We all know this. The reason that this is not a monthly happening is for the same reason as people not setting fire to things at random.
These exploits are targeted against network appliances because they are static targets and binary memory corruption exploits and firmware rootkit code constitute a much better investment if you target stuff that doesn't get patched or replaced much.
The upside is also that only people with serious $$$ and manpower can buy and reverse engineer network hardware. Or to develop custom Cisco IOS images which I've seen references to in the released script files.
Apart from the encryption code though, and the level of organization of the whole thing, it's not different from other exploit code. It's like a militarized version of Metasploit with checklists and instructions for operating procedures.
Henry Sanchez
< this
If anyone really wanted to try the tools, he'd just buy a throwaway laptop.
Isaac Myers
It is highly unlikely that this code contains any safety features apart from extensive self-deletion features in the actual implant code.
Julian Perez
is it happening?
Matthew Gutierrez
Nice try ROOSKII
Ryder Sanders
Haha fucking epicbanana.
Some mufti faggot's chromebook suddenly filling up with banana pictures...
Noah Foster
In SG's own words:
>We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what "Equation Group" can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites?
Xavier Adams
Remind me what the evidence of Snowden's death is?
Leo Perez
>Egregiousblunder
kek. This got me.
Angel Baker
Stuxnet was badass. Maybe Epicbanana, Buzzdirection and Egregiousblunder just aren't making enough money, and they're getting into freelance work. Or this shit was intentionally leaked.
Aaron Ross
see:
Aaron Harris
What is happening is that NSA is losing access to important exploit vectors. Presumably their analysts have other vectors on standby.
We're gonna see people playing with these exploits for a while of course. It might cause quite a bit of havoc
Jayden Parker
The code names seem to be names for exploits and implants, not names of people.
I don't like that they are auctioning that shit off. They should expose it.
Then again, maybe they sell it (most likely back to the NSA) and then publish it anyway, it's not as if they have to be concerned about their reputation or something.
Jacob Cox
>maybe they sell it (most likely back to the NSA)
In SG's own words:
>Q: What is in auction files? A: Is secret. Equation Group not know what lost. We want Equation Group to bid so we keep secret. You bid against Equation Group, win and find out or bid pump price up, piss them off, everyone wins.
Ayden Cook
>epicbanana
fuck.
Cameron Cook
medium.com/@msuiche/shadowbrokers-the-insider-theory-ded733b39a55
>Shadow Brokers: The insider theory
>there are still many different versions when it comes to the origin of it.
>a source who claims to be a former NSA TAO Operator contacted me about his own theory which we discussed on the condition of anonymity.
>Initially, the main leading theory on Twitter was that the NSA didn’t get hacked and that those files got comprised because of a deployment mistake.
>The repository containing the NSA TAO Toolkit is stored on a physically segregated network which does not touch the internet and has no reason to (remember it’s a toolkit repository). There is no reason for those files to have ever been on a staging server in the first place unless someone did it on purpose.
>Some of the scripts are simply for setting up a workstation pre-op. There are no reasons for them to be on a staging server, as they would not serve any purpose.
>The TAO Team had severe concerns about how easy it was to just walk out with the data on a USB drive
Isaiah Lee
RIP SNOWDEN
Oliver Hughes
...
Jonathan Perez
They're just asking for money for the sake of getting money. Otherwise why would they ask for *puts pinky to mouth* ONE MILLION BITCOINS.
Eli Hughes
bump
Zachary Brown
Guess there's not much more to talk about at the moment. I'll lurk moar elsewhere and make a thread later (to see) if any new developments come up.
Austin Morales
Sup Forums raiders confirmed for NSA
Lucas Morgan
Fun fact: Snowden himself said he browsed Sup Forums. I promise you he's not the only one.
NSA openly recruits neckbeards from places like DefCon.
Connor Perez
>yfw Mr. Robot happens IRL
Nathan Ramirez
Sup Forums had already debunked this. Jesus put the method pipe down, the paranoia is getting out of hand
Adrian Jenkins
>Stuxnet
Implying banks are vulnerable to that shitty windows malware
Aaron Jenkins
banks use windows
Gabriel Brooks
>naming your hacker group after another hacker group from a video game
What's next? the horde?
Noah Jenkins
I've worked at 2 credit unions and one major bank. None have used windows.
Jason Ortiz
What does all this mean for me?
Ayden Hall
Signals intelligence operatives a shit.
Bump for all the cucks in the shadowfactory working overtime to slide the story (they do it for free).
Thomas Clark
it means we are gonna have HeartBleed-tier happenings weekly ahead
this shit can disable a whole range of Cisco, TopSec, Fortigate and some other firewalls if you know what you are doing if i understand it correctly
what is gonna happen is that corporations with money will upgrade, patch and mitigate, while the rest of the internet just became a lot more unsafe
all hackers in the world just gained +15 levels in a single night
Jose Walker
so what does that mean for me?
Josiah Parker
short term, not much.
Longer term good potential for shits and giggles from various hacking groups.
No telling what shit will go down if all the hacking tools the Shadowbrokers are auctioning off make the web
Daniel Harris
Hackers will know on what porn you fap.
Asher Anderson
Is (pic-related) the endgame here? Aside from the Mr Robot theory, this seems huge. Basically an exploit that targets Hard Drive FIRMWARE so that it can run an undetectable-compromised OS; In other words, totally & supremely FUCKED.
Jonathan Powell
lol good luck getting through my windows firewall
Matthew Jones
well, are any of those router models involved in your life or workplace at all ?
it means any dumbass can rekt expensive firewalls and siphon information or do whatever the fuck he wants with the machines inside
Samuel Smith
XBOX Live down
>REEEEEEE
Tyler Hughes
At this point both Xbox and PS deserve a good kick in the ass about their online policies. PS4 especially since it's pay2play and it's readily apparent Sony hasn't used any of the money they've made off PS+ to shore up their online
Nathan Howard
Ah mista bond;
and the world over -
What audacity we thought. How human beings desperately cling to their national, personal, perspectives in subjectivity justifying their existence based on their own faults.
The technology of the world - does not impress me. It impresses stupid little apes such as yourselves. The value of the internet in the creation of such subjective chaos in expression has flown over the heads of most human beings, and in our genuine review as to which human beings on this pathetic sphere deserve the title of human.
Parker Sanchez
That's exactly what I was thinking.
James Richardson
bamp
Luis James
problem seems to be that this theater will be played behind the curtains. No big media attention needed
Carter Jenkins
That's certainly the most likely scenario, but if
>It's real
>They don't get retrieved before the auction ends
>The instructions are useful without training (or can cause problems if used incorrectly)
Then shit could get real, but that's a shitload of ifs and I doubt all of them.
Blake Lee
Is it just corporations? What if it's also every single private citizen in the United States information? That would be a real happening.
Alexander Hill
I doubt the NSA files of every citizen could fit on a single server, and you certainly couldn't download them before being spotted.
Ayden Diaz
>auction
Aren't they spread for free already? Why would anyone go and pay money now that they're out there?
Christian Wilson
>Xbox Live Down
shit, yeah confirmed
Andrew Ward
They've put half of it out for free to prove it's real, they're auctioning off the other half which they say has the really good stuff. They also say they'll release the good stuff for free if they get over a million bitcoins