CyberCrimeSecuritySecurity Management

ShadowBrokers Hacker Group To Publish More NSA Code

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

New batch of stolen code to be auctioned by hacker group, despite earlier pledge to shut down operation

Hacker collective ShadowBrokers have warned that they will release in July a fresh batch of stolen code reportedly from the National Security Agency (NSA).

It comes after the group last year released a number of NSA hacking tools, and then dumped online a list of vulnerable Sun Solaris and Linux servers that were used by the allegedly NSA-linked Equation Group cyber criminal gang.

The pledge to release fresh code comes despite the fact that the hacking group had pledged to shut down its operation and go dark on 12 January this year. But days later after the failure of an online auction, the group released 61 files from a cache of hundreds of NSA programs.

NSA-logo

Fresh Auction

Now in a fresh act of spite, the hackers said that it plans to sell a new batch of stolen code in July to customers willing to pay more than $22,000 for it, according to Reuters.

The hackers said they have not yet determined what files will be in the collection, but it has previously said it has access to NSA tools used for hacking into mobile handsets and Microsoft’s Windows 10 operating system, as well as web browsers and network routers.

ShadowBrokers it should be remembered were the group that released a group of NSA hacking tools in April, including one that was used to launch this month’s massive “WannaCry” cyber attack.

That malware infected more than 300,000 computers in 150 countries, and impacted hospitals, post offices, car plants and government offices around the world.

“This is potentially disastrous,” Matt Suiche, founder of cyber security firm Comae Technologies, who closely follows the Shadow Brokers, was quoted as saying.

Russian Links

There has been speculation that ShadowBrokers are a front for Russian intelligence and that previous auctions were a smokescreen.

Whatever the truth of the matter, the ShadowBrokers hackers represent another piece of bad public relations for the NSA, particularly considering the controversy it faced after the Edward Snowden revelations about its snooping activities.

Earlier this month Microsoft’s President Brad Smith slammed the NSA for the “stockpiling of vulnerabilities”.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” he said at the time. “This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.

Quiz: Are you a security pro?