Over the weekend, a hacker or hackers working under the very subtle name the Shadow Brokers posted supposed evidence that they had compromised servers belonging to the Equation Group, a hacking group long believed to be an offshoot of the National Security Agency.
A series of screenshots uploaded to Imgur details numerous hacking tools acquired by the group, including some that share names with programs detailed in documents leaked by Edward Snowden, names like “BANANAGLEE.”
In a missive posted on Pastebin, the group provides a sampling of free files, and offers to auction off more of the tools to the highest bidder. “We auction best files to highest bidder. Auction files better than stuxnet. Auction files better than free files we already give you.” Stuxnet is the virus used to covertly break centrifuges refining nuclear material in Iran.
The group says that if they receive a million Bitcoin (roughly $568 million), they’ll release more free files to everyone. According to The Wall Street Journal, security experts analyzing the files have found them to be legitimate.
In a series of tweets, Edward Snowden, who is pretty knowledgeable about this sort of thing, said that the binaries were likely left on a malware staging server by “lazy” operatives.
He added that this sort of infiltration is not new (very encouraging), but the public disclosure of it is.
He further theorized that the release of said tools could have huge implications for U.S. foreign policy should the software be used as conclusive evidence of malware attacks originating from the NSA.
The National Security Agency has, duh, not commented on the reported hack.