A hacking group claims to be holding some U.S. National Security Agency secrets for sale, although experts aren’t ruling out the possibility that it’s all a hoax.
The group, calling itself The Shadow Brokers, posted to Tumblr on Saturday in broken English, claiming to possess “cyber weapons made by creators of stuxnet, duqu, flame.”
The group released some of the files and wants to auction the rest to the highest bidder, but the terms of the auction are sketchy. You’re supposed to send the group bitcoins, and if you don’t happen to be the winning bid: “Sorry lose bidding war lose bitcoin and files. Lose Lose.”
The group promises to release more files publicly if the auction raises 1 million bitcoin ($560 million).
The Shadow Brokers claim they’ve hacked the Equation Group, which is a nice bit of namedropping. The Equation Group is a name given by Kaspersky Labs to hackers who appear to be responsible for at least 500 malware infections in 42 countries. Kaspersky has not stated that The Equation Group is part of NSA — but the research firm’s report on the group hints that that’s the case, as Ars Technica reported last year.
Of course, neither the NSA nor the types of hackers who would break into the NSA are easy to get information out of, so it’s hard to tell how seriously to take all this. It’s possible the purported hackers simply lifted information out of documents already leaked by Edward Snowden, one analyst told Forbes. (The analyst was leaning toward believing the hack was real, however.)
For what it’s worth, Snowden’s own guess is that the hack is of Russian origin. And bitcoin-raising might not be the real objective: “This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server,” he wrote on Twitter yesterday.