Monday 31 October 2016

Shadow Brokers dump reveals NSA targets

Accompanying gibberish encourages disrupting US election

Shadow trio, image via ShutterstockThe Shadow Brokers hacking group has posted a fresh dump containing a list of servers compromised by an NSA-linked group.
The list contains historic targets of the Equation Group. Mail providers, universities and targets in China make up the bulk of the roster. Each were targets of INTONATION and PITCHIMPAIR, codenames for cyber-spy hacking programmes.
Documents leaked by whistleblower Edward Snowden provide strong evidence that previous dumps by the Shadows Brokers feature malware and exploits that originated at the NSA, as previously reported. The latest Shadow Brokers dump was signed using the same key as the initial dump of NSA exploits, which the Shadow Brokers unsuccessfully tried to auction off. A message accompanying the latest dump somewhat incoherently calls for attempts to disrupt the forthcoming US presidential election.
This poorly argued rabble-rousing has been met with some derision. Security experts have questioned the value of the leaked target list, at least outside the realm of cyber-espionage historians. "The list of servers is nine years old. [Many] likely no longer exist or [are] reinstalled," said security researcher Kevin Beaumont, in an update on Twitter.

No comments:

Post a Comment