Shadow Brokers slam Trump, expose additional NSA cyber tools

Despite claiming earlier this year that they were going silent, the Shadow Brokers hacking group that leaked cyber tools allegedly stolen from the U.S. National Security Agency resurfaced on Saturday, publishing the password to an encrypted collection of files that appear to contain even more exploits and operational details.

In an article published this weekend, Motherboard confirmed that the password successfully decrypted the archive of files, which was leaked in encrypted form last August when the Shadow Brokers tried, apparently in vain, to sell its full trove of apparent NSA tools to the highest bidder.

As part of its latest release, the Shadow Brokers reportedly leaked a list of targets (many businesses and educational institutions) that the NSA allegedly hacked into or possibly attacked with malware; a tool called PITCHIMPAIR used for hacking into universities' servers; a tool for hacking into Solaris and other Unix-like operating systems; a framework used to clean server logs and hide hacking activity; and more, according to multiple media reports, citing independent researchers.

The hacking group also published a xenophobic post on Medium that directly addresses Donald Trump, criticizing him for hurting his core base of supporters. The group's political rant chided Trump for, among other decisions, removing Steve Bannon from the National Security Council and bombing a Syrian air base. The Shadow Brokers claimed in their post to support "Steve Bannon, Anti-Globalism, Anti-Socialism, Nationalism [and] Isolationism," and even suggested that Trump's core supporters don't care if the U.S. presidential election was hacked or rigged in his favor.

Edward Snowden, who once warned that the NSA leak could be a Russian operation (other theories include a disgruntled employee), said in a tweet that while the compromised information does not represent the NSA's full arsenal of cyber weapons, there is enough there that the agency should be able to "instantly identify where this set came from and how they lost it. If they can't, it's a scandal."

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
