Shadow Brokers Release Secret List Of NSA-Compromised Servers

Uploaded on 2016-11-01 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA’s hacking tools and exploits, is back with a Bang!

The group suspected of having ties to Russia has released a list of servers in various countries which have been compromised by the NSA for use in staging attacks and suggested that the best outcome for the US presidential election might be stopping it altogether.

Shadow Brokers, which released a dump of material earlier this year from the Equation Group that contained NSA-created exploit tools, which has long been suspected of being an NSA front organisation, also issued a long, rambling message in English that appears to be deliberately mangled.

The list of compromised servers, once again obtained from the Equation Group, shows servers in many countries: Japan, South Korea, Belgium, India, Hungary, Mexico, Spain, Poland, Germany, Sweden, China, Greece, Finland, Chile, Taiwan and many more.

The Shadow Brokers also released the means to gain entry to any of these servers. A total of 306 were listed.

Security researcher Mustafa Al-Bassam, a former member of Lulzsec and the Anonymous hacking collective, commented on Twitter that all of the target servers had been compromised between 2000 and 2010, adding that it was likely that most had been cleaned up unless they had disk back-ups.

He observed that most of the servers seemed to be running versions of Solaris. A few were running Linux or FreeBSD.

"So even the NSA hacks machines from compromised servers in China and Russia. This is why attribution is hard," Bassam wrote.

In its message, Shadow Brokers asked why the US was looking to wage a cyber war on Russia using the CIA and not the NSA or the Cyber Command.

It poked fun at the American election process, questioning how everyone could be said to have equal power at the ballot box when different people had vastly different sums at their command to influence the polls.

Shadow Brokers suggested that the best way to influence the polls was not by keeping away, but rather by stopping the elections altogether.

"TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being Grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016," the group wrote.

"If peoples are not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking, disrupting, smashing equipment, tearing up ballots?

"The wealthy elites is being weakest during elections and transition of power. Is being why USSA is targeting elections in foreign countries. Don’t believing? Remembering Iran elections? Remembering Stuxnet? Maybe is not Russia hacking election, maybe is being payback from Iran?"

Ein News:            TheHackerNews:         Snowden: NSA Hacking Tools Leak Is ‘a warning’:

 

 

« UK To Increase National Cyber Defences
GCHQ’s Cyber Insiders Summer School »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

Ustels

Ustels

Ustels provides brand protection strategy, intelligence, monitoring and enforcement services.

YesWeHack

YesWeHack

YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered) to identify and report vulnerabilities in their systems.

Liongard

Liongard

Liongard automates the management and protection of modern IT environments at scale for IT MSPs - Managed Service Providers and Enterprise IT Operations.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

Endure Secure

Endure Secure

Endure Secure is a managed cyber security & information security consultancy. Our passion for IS and our understanding of the threat landscape is reflected in the services that we provide.

GreenPages Technology Solutions

GreenPages Technology Solutions

GreenPages provide expert strategic guidance and proven cloud-era solutions for our clients. Every day we help organizations leverage the cloud securely with less risk and cost.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.