Newly Uncovered Site Suggests NSA Exploits For Direct Sale (vice.com) 33
An anonymous reader quotes a report from Motherboard: The Shadow Brokers -- a hacker or group of hackers that stole computer exploits from the National Security Agency -- has been quiet for some time. After their auction and crowd-funded approach for selling the exploits met a lukewarm reception, the group seemingly stopped posting new messages in October. But a newly uncovered website, which includes a file apparently signed with The Shadow Brokers' cryptographic key, suggests the group is trying to sell hacking tools directly to buyers one by one, and a cache of files appears to include more information on specific exploits. On Wednesday, someone calling themselves Boceffus Cleetus published a Medium post called "Are the Shadow Brokers selling NSA tools on ZeroNet?" Cleetus, who has an American flag with swastikas as their profile picture, also tweeted the post from a Twitter account created this month. The site includes a long list of supposed items for sale, with names like ENVOYTOMATO, EGGBASKET, and YELLOWSPIRIT. Each is sorted into a type, such as "implant," "trojan," and "exploit," and comes with a price tag between 1 and 100 bitcoins ($780 -- $78,000). Customers can purchase the whole lot for 1000 bitcoins ($780,000). The site also lets visitors download a selection of screenshots and files related to each item. Along with those is a file signed with a PGP key with an identical fingerprint to that linked to the original Shadow Brokers dump of exploits from August. This newly uncovered file was apparently signed on 1 September; a different date to any of The Shadow Brokers' previously signed messages.
Wow (Score:1)
Re: (Score:1)
Things could get pretty exciting soon.
I hope things get extremely 'interesting', in the Chinese-curse way, for those at the upper levels of power in the US intelligence services who happily make everyone less-safe so they can play Big Brother. Live by the hack/exploit, die by the hack/exploit.
Karma's a bitch, ain't it boys?
Just wait until the *next* breach!
Or has it already happened? ;)
Strat
Re:Wow (Score:4, Interesting)
Shut up moron, this affects FAR MORE PEOPLE than the tiny sliver of intelligencia who are responsible for crafting or using it.
Yes, yes it does, and in very, very bad ways on multiple levels. It affects every US citizens' civil rights. It gives carte blanche to domestic surveillance which invariably will lead to authoritarianism & a police-state which we already see the beginnings of with things like 'parallel construction'. It weakens security for everyone on the internet and makes them vulnerable to bad actors, both criminal and State-sponsored. It threatens the national economy and foreign trade where we already see it affecting exports of US IT hardware.
The rank & file, especially by this point, know full-well the kind of authoritarian, criminal, and *dangerous* people they work for. If they continue to 'just do what they're told' they will be just as guilty as the German prison camp guards of WW2. They have a choice. Walk away. "The only thing necessary for the triumph of evil is for good men to do nothing." - Edmund Burke
So YOU shut up. The ends do not justify the means. I think that many of those in US intelligence have stared too long into the Abyss, and it has stared too long back into them. They are rapidly becoming what they originally started out to combat. They need to have their toys taken away and kicked out of the sandbox.
Strat
Government secrecy degrades democracy. (Score:2)
"The rank & file [of the NSA], especially by this point, know full-well the kind of authoritarian, criminal, and *dangerous* people they work for. If they continue to 'just do what they're told' they will be just as guilty as the German prison camp guards of WW2. They have a choice. Walk away."
News stories about the NSA have always communicated an underlying assumption that the NSA is well-managed. But any secret agency can avoid discovery of bad management.
There are many secret an
Re: (Score:2)
1. For the first time in a few decades a NSA staging server was left open?
A gov/mil worker made an error? A contractor made a mistake? The buddy system failed and two contractors together did not spot the error?
That happened for the first time in decades of the NSA having total mastery of the internet and not been tracked in real time.
2. Another friendly nation finally educated some of its own staff to near NSA skill levels and they found a live in use staging server and had a look, f
Re: (Score:1)
Re: (Score:3)
Is anyone making the case that this is ethical?
No one cares (Score:1)
Who gives a shit about this seriously? It's just maneuvering from state sponsored hacking teams. It's all bullshit to peddle their trojan horse software. No one is going to touch that shit so stop reporting about a group that is attempting to distribute software laced with nasty backdoors (confirmed). This has all the same hallmarks as the French Hacking Team who was selling their backdoor laced surveillance programs to 3rd world drug lords.
FBI and NSA (Score:2)
Sounds like the FBI and the NSA are having a garage sale in order to raise funds for the next 4 years while they still can. Trump is going to have them operating on Fisher Price computers.
https://www.bedbathandbeyond.c... [bedbathandbeyond.com]
Re: (Score:2)
>suitable for kids ages 6 to 36 (3 years) months old
At two years, a throw-away used laptop or cheap Chinese tablet is better. Especially when they already know how to find Pingu on Youtube.
--
BMO
P.S. It still blows my mind that kids these days will never know a time before the existence of a computer in the home, let alone one you can put in your pocket that happens to make phone calls as an adjunct function.
Re: (Score:1)
Re: (Score:1)
NSA should be forced to warn potential victims (Score:3)
Since they found and developed these exploits, but could not keep them secret, they should be forced to at least warn those potentially impacted, oe better yet provide defences.
Bet they're not, tho'
Re: (Score:2)
Why would you ever think that?
"Cleetus, who has an American flag with swastikas as their profile picture ..."
They seem real nice.
sell to foreign governments? (Score:2)
Who would buy these? I can't imagine most petty criminals would attach much value to this sort of nebulous thing. There would be no guarantees you would find some lucrative use for it, if it even is authentic.
On the other hand, I imagine the Chinese government could afford to drop a few bitcoin just to try it out.