Shadow Brokers’ latest leak could have come from beyond NSA staging servers
Screenshots of the alleged exploits in use, along with a comprehensive list of filenames and directories were all shared by the enigmatic group the “Shadow Brokers,” in a new blog post. Beyond the supplementary evidence is a set of encrypted folders, each protected by a PGP key. The encrypted folders presumably hold the actual, functioning exploits Rendition Infosec founder Jake Williams told CyberScoop.
A meticulous inspection of the aforementioned filenames and directories provides some clues about where the hacking tools came from and when they were developed.
Cybersecurity experts tell CyberScoop the viewable evidence suggests the existence of advanced hacking tools, which could be used to exfiltrate data, destroy digital forensic evidence, attribute old cyberattacks and compromise numerous systems running older versions of Windows. The Shadow Brokers are supposedly selling the exploits for roughly $850,000 worth of bitcoin in total.
“These filenames and directories look familiar to me … Based on their [Shadow Brokers] past behavior, other things they’ve posted, I have no reason to be believe they don’t have them,” a former U.S. intelligence official told CyberScoop on the condition of anonymity.
Screenshots of the alleged exploits in use, along with a comprehensive list of filenames and directories were all shared by the enigmatic group the “Shadow Brokers,” in a new blog post. Beyond the supplementary evidence is a set of encrypted folders, each protected by a PGP key. The encrypted folders presumably hold the actual, functioning exploits Rendition Infosec founder Jake Williams told CyberScoop.
A meticulous inspection of the aforementioned filenames and directories provides some clues about where the hacking tools came from and when they were developed.
Cybersecurity experts tell CyberScoop the viewable evidence suggests the existence of advanced hacking tools, which could be used to exfiltrate data, destroy digital forensic evidence, attribute old cyberattacks and compromise numerous systems running older versions of Windows. The Shadow Brokers are supposedly selling the exploits for roughly $850,000 worth of bitcoin in total.
“These filenames and directories look familiar to me … Based on their [Shadow Brokers] past behavior, other things they’ve posted, I have no reason to be believe they don’t have them,” a former U.S. intelligence official told CyberScoop on the condition of anonymity.