Shadow Brokers hackers release NSA hacking tools to punish Trump for ‘abandoning’ his base
Hacking group Shadow Brokers has released the password to a trove of NSA exploits in what they say is a form of protest against President Donald Trump for going back on his campaign promises, and warning the president, “Don’t forget your base.”
The shadowy group first emerged last August and released hacking exploits used by the NSA’s Equation Group, which included vulnerabilities in firewall products, and a list of IP addresses the NSA had exploited, which the group released at a later date.
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.
— Edward Snowden (@Snowden) April 8, 2017
1) https://t.co/zleVbyBtE3
2) https://t.co/aKwdiNbrJA
Shadow Brokers released passwords to the rest of the exploits on Saturday, in a move they described as a protest against Trump, who they say has “abandoned” his base by going back on many promises made on the campaign trail.
NSA whistleblower Edward Snowden has confirmed that the leak included authentic NSA software. The leak doesn’t contain the entire spy tools library, Snowden tweeted.
However, he added that “NSA should be able to instantly identify where this set came from and how they lost it. If they can’t, it’s a scandal.”
...much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can't, it's a scandal.
— Edward Snowden (@Snowden) April 8, 2017
Back in August, The Intercept used unreleased documents from Snowden to confirm the Shadow Brokers’ exploits were authentic.
The files appeared to be from up to late 2013, after Snowden had revealed the NSA’s spying reach. They included code to exploit unknown security flaws in CISCO hardware.
READ MORE: Hacking group offers ‘stolen NSA cyber-weapons’ in bitcoin auction
Bitter lesson:
— Edward Snowden (@Snowden) April 8, 2017
When any government conceals knowledge of vulnerabilities in common software, those vulns will be found and used by enemies. https://t.co/EfLgJMwbNs
The password provided by Shadow Brokers unlocks the hacking tools, which include servers belonging to companies and universities which are allegedly used to deploy malware, according to researchers who have examined some of the documents. WikiLeaks tweeted the dump includes “hacking attacks on EU states, Russia, China, Japan and South East Asia.”
READ MORE: ‘You’re welcome’: Snowden casts light on NSA hack
Today's #ShadowBrokers NSA dump shows hacking attacks on EU states, LatAm, Russia, China, Japan & South East Asia https://t.co/Gtz4JFst8O
— WikiLeaks (@wikileaks) April 8, 2017
The @shadowbrokerss key to eqgrp-auction-file.tar.xz.gpg is legit. pic.twitter.com/QDCaHVh5vG
— x0rz (@x0rz) April 8, 2017
One of the #EquationGroup tool (ELECTRICSLIDE) impersonates a Chinese browser with fake Accept-Languagehttps://t.co/fCQ77KqK0Ipic.twitter.com/jIrtelcbu9
— x0rz (@x0rz) April 8, 2017
Shadow Brokers listed some of the reasons they were unhappy with Trump in a Medium blog post:
“Goldman Sachs (TheGlobalists) and Military Industrial Intelligence Complex (MIIC), cabinet, #2 — Backtracked on Obamacare, #3 — Attacked the Freedom Caucus (TheMovement), #4 — Removed Bannon from the NSC, #5 — Increased U.S. involvement in a foreign war (Syria Strike).”
The group also criticized Trump for launching the cruise missile strike against Syria, saying: “Whose war are you fighting? Israeli Nationalists’ (Zionist) and Goldman Sachs’ war? Chinese Globalists’ and Goldman Sachs war? Is not looking like you fighting the domestic wars, the movement elected you to be fighting.”
The group earlier attempted to auction the “best files” for more 1 million Bitcoin, but abandoned the plan in January.
The post seemingly lends clues as to the identity of the group. “Did you know most of theshadowbrokers’ members have taken the oath ‘…to protect and defend the constitution of the United States against all enemies foreign and domestic…’.” it reads. “Yes sir! Most of us used to be TheDeepState everyone is talking about.”
While the Shadow Brokers were accused of being Russians, several NSA insiders earlier told the media that signs pointed to it being someone within the NSA.
READ MORE: Leak in-house? NSA data dump could be work of insider