Shadow Brokers Release Secret List Of NSA-Compromised Servers

The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA’s hacking tools and exploits, is back with a Bang!

The group suspected of having ties to Russia has released a list of servers in various countries which have been compromised by the NSA for use in staging attacks and suggested that the best outcome for the US presidential election might be stopping it altogether.

Shadow Brokers, which released a dump of material earlier this year from the Equation Group that contained NSA-created exploit tools, which has long been suspected of being an NSA front organisation, also issued a long, rambling message in English that appears to be deliberately mangled.

The list of compromised servers, once again obtained from the Equation Group, shows servers in many countries: Japan, South Korea, Belgium, India, Hungary, Mexico, Spain, Poland, Germany, Sweden, China, Greece, Finland, Chile, Taiwan and many more.

The Shadow Brokers also released the means to gain entry to any of these servers. A total of 306 were listed.

Security researcher Mustafa Al-Bassam, a former member of Lulzsec and the Anonymous hacking collective, commented on Twitter that all of the target servers had been compromised between 2000 and 2010, adding that it was likely that most had been cleaned up unless they had disk back-ups.

He observed that most of the servers seemed to be running versions of Solaris. A few were running Linux or FreeBSD.

"So even the NSA hacks machines from compromised servers in China and Russia. This is why attribution is hard," Bassam wrote.

In its message, Shadow Brokers asked why the US was looking to wage a cyber war on Russia using the CIA and not the NSA or the Cyber Command.

It poked fun at the American election process, questioning how everyone could be said to have equal power at the ballot box when different people had vastly different sums at their command to influence the polls.

Shadow Brokers suggested that the best way to influence the polls was not by keeping away, but rather by stopping the elections altogether.

"TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being Grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016," the group wrote.

"If peoples are not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking, disrupting, smashing equipment, tearing up ballots?

"The wealthy elites is being weakest during elections and transition of power. Is being why USSA is targeting elections in foreign countries. Don’t believing? Remembering Iran elections? Remembering Stuxnet? Maybe is not Russia hacking election, maybe is being payback from Iran?"

Ein News:            TheHackerNews:         Snowden: NSA Hacking Tools Leak Is ‘a warning’:

 

 

« UK To Increase National Cyber Defences
GCHQ’s Cyber Insiders Summer School »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

PubNub

PubNub

PubNub enables developers to build secure realtime Mobile, Web, and IoT Apps.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Sopra Steria

Sopra Steria

Sopra Steria is a leading European information technology consultancy.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

Netrix

Netrix

Netrix is a Mexican company specialized in IT Security, with more than 18 years of experience in Managed Services, Professional Services and Turnkey Solutions related to Security.

Salviol Global Analytics

Salviol Global Analytics

Salviol Global Analytics is a leading provider of Fraud, Risk and Operational Performance Solutions to a number of vertical markets including Insurance, Banking, Utilities, Telco’s and Government.

SixThirty CYBER

SixThirty CYBER

SixThirty is a venture fund that invests in early-stage enterprise technology companies from around the world building FinTech, InsurTech, and Cybersecurity solutions.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

Hunton Andrews Kurth

Hunton Andrews Kurth

Hunton Andrews Kurth LLP serves clients across a broad range of complex transactional, litigation and regulatory matters. Practice areas include Privacy and Cybersecurity.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Avocado Consulting

Avocado Consulting

Avocado helps clients deliver with certainty on their complex IT change, with technology services that automate, monitor and optimise.

inWebo

inWebo

inWebo is the specialist in multi-factor strong authentication (MFA). We guarantee the security of data and identities in a digital world with increasingly important economic and political stakes.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

nandin Innovation Centre

nandin Innovation Centre

nandin is ANSTO’s Innovation Centre (Australian Nuclear Science and Technology Organisation) where science and technology entrepreneurs, startups and graduates come together.