Not too long ago The Shadow Brokers decided to make media headlines once again. Albeit there was a lot of confusion regarding their message at that time, the group is far from done. More data has been made public relating to the Equation Group, the unofficial hacking group of the NSA. The newly released data unveils the intricate workings on a toolkit allegedly used by the NSA hacking collective in the past.
The Shadow Brokers Are Still Making Waves
A few months ago The Shadow Brokers suddenly arrived on the scene with a bang. By claiming they had obtained a data dump of information belonging to the Equation Group, the world was put on high alert. Everyone is well aware of how the NSA uses hacking techniques on a regular basis and that the Equation Group is the name of their “unofficial hacking collective.”
Although things have calmed down a bit since, The Shadow Brokers are far from done. Less than three days ago the group unveiled a configuration file belonging to a very particular toolkit. This toolkit has allegedly been used by the Equation Group to hack Sun Solaris servers between 2000 and 2010. During that time, these servers were used to conduct covert cyber attacks against high-value targets.
But there is more, as the leaked data contains over 350 IP addresses and 300 domain names. All of these addresses and domains have been used to host NSA exploit tools in the past. Keeping in mind how no one is supposed to know anything about this classified information, this seems to be another validation of earlier claims made by The Shadow Brokers.
What is rather intriguing is how the largest number of infected hosts were located in Asian countries. China, Japan, and Korea were the main prime targets during these covert operations. For now, it remains unknown why these specific servers were used. Rumor has it that this was done deliberately to make it more difficult to find the culprit behind these covert operations.
While this leaked data is anything but conclusive evidence that The Shadow Brokers obtained what they claim to have, the plot is certainly thickening. Moreover, some of the leaked host information points to platforms that are still actively running the hacking malware in question. Thankfully, cyber criminals will not be able to do much with this information for now.
The bigger question is what type of other information The Shadow Brokers will unveil over time. It is evident that the group still hopes to sell the majority of data on the darknet somehow, even though their original auction did not attract as much attention. At this time it remains unknown who is behind this collective and what their ultimate objective may be.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
