The mysterious Shadow Brokers hacking group has released a range of previously top secret National Security Agency hacking tools, ostensibly in response to the Trump administration’s decision to bomb Syria.
The group first gained attention in August after it claimed to have hacked the Equation Group, a hacking group believed to be linked to the NSA. The Shadow Brokers later claimed to have retired in January after failing to sell the tools, first via an auction and later via a crowdfunding campaign.
In a post on Medium titled “Don’t Forget Your Base,” the group delivered a (possibly intentionally) poorly written diatribe against President Trump, accusing him of abandoning the people who elected him and acting against their interests. After ranting that Trump was being controlled by Zionists and Goldman Sachs, the group then delivered a list of ways the president should be making America great again. That included offering its services to the administration, such as “unmasking” people they consider enemies of the Constitution. Among those enemies: John McCain, Saudi princes, U.S. Senator Lindsey Graham, The New York Times, the Washington Post, Goldman Sachs, Amazon.com Inc. Chief Executive Jeff Bezos and “other Globalists.”
“Mr. President Trump theshadowbrokers sincerely is hoping you are being the real deal and that you received this as constructive criticism toward #MAGA. Some American’s consider or maybe considering TheShadowBrokers traitors. We disagreeing. We view this as keeping our oath to protect and defend against enemies foreign and domestic,” the post concludes, before adding a key to access a range of the NSA files they had previously attempted to sell.
According to Cyberscoop, security researchers have started poring over the files, with most being found to target Linux systems. On Twitter, NSA whistleblower Edward Snowden suggested that the files fall short of the agency’s full exploit catalog but may provide clues to investigators as to who obtained the files to begin with.
Many of the files released are believed to date back to the 1990s, meaning that the tools may not be effective on modern systems. But previous releases have forced companies such as Cisco Systems Inc. to release patches, so it's likely that, as the new dump is analyzed in the coming days, further current vulnerabilities may be exposed.