Shadow Brokers Release Secret List Of NSA-Compromised Servers

Uploaded on 2016-11-01 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA’s hacking tools and exploits, is back with a Bang!

The group suspected of having ties to Russia has released a list of servers in various countries which have been compromised by the NSA for use in staging attacks and suggested that the best outcome for the US presidential election might be stopping it altogether.

Shadow Brokers, which released a dump of material earlier this year from the Equation Group that contained NSA-created exploit tools, which has long been suspected of being an NSA front organisation, also issued a long, rambling message in English that appears to be deliberately mangled.

The list of compromised servers, once again obtained from the Equation Group, shows servers in many countries: Japan, South Korea, Belgium, India, Hungary, Mexico, Spain, Poland, Germany, Sweden, China, Greece, Finland, Chile, Taiwan and many more.

The Shadow Brokers also released the means to gain entry to any of these servers. A total of 306 were listed.

Security researcher Mustafa Al-Bassam, a former member of Lulzsec and the Anonymous hacking collective, commented on Twitter that all of the target servers had been compromised between 2000 and 2010, adding that it was likely that most had been cleaned up unless they had disk back-ups.

He observed that most of the servers seemed to be running versions of Solaris. A few were running Linux or FreeBSD.

"So even the NSA hacks machines from compromised servers in China and Russia. This is why attribution is hard," Bassam wrote.

In its message, Shadow Brokers asked why the US was looking to wage a cyber war on Russia using the CIA and not the NSA or the Cyber Command.

It poked fun at the American election process, questioning how everyone could be said to have equal power at the ballot box when different people had vastly different sums at their command to influence the polls.

Shadow Brokers suggested that the best way to influence the polls was not by keeping away, but rather by stopping the elections altogether.

"TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being Grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016," the group wrote.

"If peoples are not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking, disrupting, smashing equipment, tearing up ballots?

"The wealthy elites is being weakest during elections and transition of power. Is being why USSA is targeting elections in foreign countries. Don’t believing? Remembering Iran elections? Remembering Stuxnet? Maybe is not Russia hacking election, maybe is being payback from Iran?"

Ein News:            TheHackerNews:         Snowden: NSA Hacking Tools Leak Is ‘a warning’:

 

 

« UK To Increase National Cyber Defences
GCHQ’s Cyber Insiders Summer School »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The Josef Group (TJG)

The Josef Group (TJG)

The Josef Group Inc. is a certified woman-owned permanent staffing agency specializing in Information Technology, Engineering, and US Government "cleared" IT candidates.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

UpGuard

UpGuard

UpGuard's discovery engine brings visibility to complex IT environments, enabling teams to identify risk, confirm compliance and make business safer.

LogicManager

LogicManager

LogicManager offer a complete set of IT governance, risk and compliance software solutions and advisory services.

ASU Online - Information Technology Program

ASU Online - Information Technology Program

The Information Technology program at ASU Online provides you with the expertise to design, select, implement and administer computer-based information solutions.

IdenTrust

IdenTrust

IdenTrust enables organizations to effectively manage the risks associated with identity authentication.

Lifespan Technology

Lifespan Technology

Lifespan Technology provides the full range of IT Asset Disposition services. This includes hardware recycling and disposal, data destruction, and hardware resale.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Sekoia.io

Sekoia.io

Sekoia.io is a European cybersecurity company whose mission is to develop the best protection capabilities against cyber-attacks.

TrustCloud

TrustCloud

TrustCloud is a global company specializing in the orchestration and custody of secure digital transactions including identification, signature, payments, and electronic custody.