A hacking group is holding an auction for what it claims are cyber weapons. This group, known as The Shadow Brokers, claim to have stolen the hacking tools from another collective called the Equation Group. Analysis by cyber security experts suggests that the Equation Group is merely an arm of the NSA. The Equation Group has been linked to the creation of Stuxnet, a computer worm which sabotaged the Iranian nuclear program. However, the Shadow Brokers claim the programs they have stolen are “better than Stuxnet.”
In order to attract interest in its auction, the Shadow Group posted samples of some of the stolen programs on its Tumblr blog. Experts who looked at the posted samples believe they are relatively old and included programs which were already known to exist. One such researcher was Claudio Guarnieri, who stated that the programs were not likely “to cause significant operational damage.” Even if the programs are old, they do appear to be genuine. Some experts warn that they could still pose a threat if the flaws they exploit have not been fixed. Matt Suiche, founder of the security startup Comae Technologies, examined the code and concluded that the programs, “could be used.”
There is no stated end date to the auction, and will continue until the Shadow Brokers feel like ending it. Anyone interested in bidding must pay in bitcoins and send the payment in advance. There will be no refunds given even if they do not win the bid. However, the group has stated they will release the cyber weapons for free if they receive bids totaling more than one million bitcoins. However, the group admits that it can be trusted and a FAQ states, “No trust, risk. You like reward, you take risk, maybe win, maybe not, no guarantees.”
Wikileaks has tweeted out that it has received an archive of the cyber weapons and will be releasing its own copy in due time.
Do you think the shadow brokers actually stole hacking tools or is this just a hoax to trick people into paying them? Leave your comments below.