Menu
Shared code in Snowden leaks and NSA breach support hackers' claims

Shared code in Snowden leaks and NSA breach support hackers' claims

Shadow Brokers' sample files include a 16-character tracking string identified in a Snowden document

Documents leaked by former National Security Agency contractor Edward Snowden share a malware tracking code with several files released this week by hacking group Shadow Brokers, according to a news report.

Shadow Brokers claimed they had hacked a cyberespionage team linked to the U.S. spy agency when they released a group of sample files earlier this week. Similarities between the Shadow Broker files and information in documents leaked by Snowden give credence to the claims by the anonymous hacking group.

Fourteen files in the Shadow Brokers leak contain a 16-character string, "ace02468bdf13579," that NSA operatives used to track their use of one malware program, The Intercept reported Friday. That tracking string was described in an NSA manual for implanting malware originally leaked by Snowden, The Intercept reported.

That tracking string was tied to malware called Seconddate, allegedly designed to intercept web requests and redirect browsers to an NSA server, according to the story. Snowden's leaks provided information on Seconddate, and the Shadow Broker files also include information on the malware, including a file titled SecondDate-3021.exe, The Intercept said.

The Shadow Brokers have offered to sell the trove of supposed NSA files.

One security expert suggested the NSA may have arranged the leak. "You’re talking about the world’s top intelligence agency here," John Gunn, vice president of communications at VASCO Data Security, said by email. "I think it is much more likely that the tools were intentionally leaked and were being used -- just as marked money is used -- to trace criminal and state-sponsored hacking activity."

The leak confirms some information about the NSA that many security experts already knew, added Jonathan Sander, vice president at Lieberman Software, another security vendor.

"We knew from Stuxnet and Snowden’s documents that they were engaging in cyberwarfare, and we knew that means they were developing malware to do it," he said by email. "We knew that the NSA is a department of humans using technology, which means they are vulnerable to mistakes and attacks like all other humans using technology."

The leaks also show the NSA is doing good work, he added. "If anything, the universal agreement on the quality of the tradecraft which was stolen and its clear value on a black market should tell us that our tax dollars are getting quality results," he said.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

HP channel recognised at 2017 Partner Awards

HP channel recognised at 2017 Partner Awards

The HP Partner Awards 2017 at Shed 10 kicked off with an AMD-sponsored hackers lounge, a mysterious gaming style area filled with dry ice and red lasers, the waiters wearing Mr Robot style masks.

HP channel recognised at 2017 Partner Awards
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments