Shadow Brokers reveals list of Servers Hacked by the NSA

On my previous post I mentioned the Shadow Brokers.  The Shadow Brokers are a group of hackers that initially claimed to have stolen NSA surveillance tools.  Well today October 31, 2016 the Shadow Brokers published a list of foreign servers allegedly compromised by the NSA-linked hacking unit, Equation Group, in various countries to expand its espionage operations. Experts believe the list contains 306 domain names, and 352 IP addresses belonging to at least 49 countries. As many as 32 domains of the total were run by educational institutions in China and Taiwan.  The top 10 targeted countries include: China, Japan, Korea, Spain, Germany, India, Taiwan, Mexico, Italy , and last but certainly not least Russia.  The article also talks about other undisclosed tools that the Equation Group used.  To end this post I wanted to share a comment the Shadow Brokers made.

“TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped the election from coming? Maybe hacking election is being the best idea? #hackelection2016.” 


– Andrew Villella





Hacking group claims to offer cyberweapons in online auction


Hackers going by the name Shadow Brokers said they will auction stolen surveillance tools that are linked to the U.S. National Security Agency.   The group said interested parties had to send funds in advance of winning the auction via Bitcoin currency and would not get their money back if they lost.  To arouse interest in the auction, the hackers released samples of programs they said could break into popular firewall software made by companies including Cisco Systems, Juniper Networks and Fortinet.  The companies did not respond to request for a comment and there was no response from the NSA.  The Shadow Brokers promised in postings on a Tumblr blog that the auctioned material would contain “cyberweapons” developed by the Equation Group, a hacking group that cybersecurity experts widely believe to be an arm of the NSA.

The Shadow Brokers said the programs they will auction will be “better than Stuxnet,” which is a  malicious computer worm.  Reuters could not contact the Shadow Brokers or verify their assertions. Some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage.  Professionals stated that some of the data released was fairly old and even a couple years old in some cases.  Still, they appeared to be genuine tools that might work if flaws have not been addressed. Other security experts warned the posting could prove to be a scam.

You can find the whole article at