+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

New Snowden documents prove the hacked NSA files are real

Aug 20, 2016, 02:51 IST

Former U.S. National Security Agency contractor Edward Snowden appears live via video during a student organized world affairs conference at the Upper Canada College private high school in Toronto, February 2, 2015. REUTERS/Mark Blinch

Newly-released documents from former National Security Agency contractor Edward Snowden confirm what many experts had already believed: The 234 megabyte archive of NSA hacker tools, exploits, and implants that leaked online earlier this week is real.

Advertisement

The key to confirming the leaked files - which was uploaded to various file-sharing sites earlier this week by a group called "Shadow Brokers" - came in a top-secret agency manual published Friday by Sam Biddle of The Intercept that instructed NSA hackers on how to track their malicious software by using a 16-character string buried in the code.

The tracking string in the manual, "ace02468bdf13579," also appears inside code for a software implant called "Second Date," which was leaked as part of the archive posted earlier this week.

That's not the only piece of evidence that shows the leak was, in essence, a software 'toolbox' for NSA hackers to target adversaries. Among other files in the archive are implants code-named Banana Glee, Jet Plow, and Zesty Leak, which were all documented in a top-secret 50-page catalog of NSA tools that was published in late 2013.

"One of the interesting things about the exploits is they are very professional and they clean up after themselves," Dave Aitel, an ex-NSA research scientist who now leads penetration-testing firm Immunity, told Business Insider. "Not only do they turn things off, but they turn things back on. When you're looking at stuff that's written by a lot of hackers it will backdoor something but it won't 'un-backdoor' something."

Advertisement

Put simply: Your average hacker will build tools that break in, but a sophisticated hacker - such as those employed by the US or some other nation - will build tools that break in, hide all their tracks, and turn everything off once they get what they need.

"These are the type of tools that are really exclusive to governments," a source who worked for NSA's elite hacker unit, Tailored Access Operations, told Business Insider on condition of anonymity in order to discuss sensitive matters.

Reuters

Now that the NSA toolkit has been confirmed as legitimate, the remaining mystery is how they came into public view. There are now two prevailing theories as to how "Shadow Brokers" obtained the files: Either they hacked a server used by NSA hackers to stage attacks that had the files mistakenly left there by an operator, or an agency insider downloaded the data and later leaked it online.

Both scenarios are plausible, though neither has been confirmed, and the NSA isn't likely to say anything.

Advertisement

The previously-unknown Shadow Brokers created a number of social-media accounts earlier this month on Reddit, Github, Twitter, and Imgur, before announcing on August 13 that its "cyber weapon auction," which promised bidders a "full state sponsor tool set" from a hacking unit believed to be within the NSA known only as "The Equation Group."

It released a 234-megabyte archive on various file-sharing sites with half being free to view and use - which numerous experts say is legitimate - while the other half was encrypted. The winner of the auction, the group said, would get the decryption key.

But an auction for hacking tools and exploits is not something that ever happens, experts say. Instead, exploits are bought and sold on the black market for hundreds of thousands and sometimes millions of dollars in private.

The NSA did not immediately respond to a request for comment.

NOW WATCH: Amazon has an oddly efficient way of storing stuff in its warehouses

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article