Shadow Brokers Hacking Group Claims To Have Stolen NSA’s Elite Cyber-Attack Toolkit

A hacking group that calls itself Shadow Brokers claims to have stolen sophisticated surveillance tools previously used by a group of high-tech hackers with ties to the U.S. National Security Agency (NSA). The group announced plans to auction off the tools, though security experts aren't sure if what they have is the real deal or if this is an elaborate hoax.

In a post that's since been removed on Tumblr, the hacking group said it's in possession of cyber weapons made by the creators of Duqu, Flame, and Stuxnet and that this cache of tools is even more dangerous. Stuxnet is still considered one of the most advanced computer worms ever built. It's widely credited to the United States and Israel and was used to disrupt Iran's nuclear program.

Shadow Brokers says it obtained the hacking tools up for auction by infiltrating the Equation Group, a hacking group that many believe is an extension of the NSA. The compressed cache of data is around 256 megabytes and contains a large number of batch scripts and Python scripts. Some of the files have been made available for free to entice buyers into participating in the auction.

While the early consensus is that the data is real, the vulnerabilities the tools take advantage of may have been patched a long time ago.

"The data appears to be relatively old; some of the programs have already been known for years," security researcher Claudio Guarnieri told Reuters. He added that they're not likely "to cause any significant operational damage."

Those who participate in the auction will have to gamble on the tools being real and still capable of inflicting damage. Shadow Brokers is only accepting bids in the form of Bitcoin, and win or lose, the bids are non-refundable. However, if the auction reaches 1 million Bitcoin (worth around $569.5 million in U.S. currency), the group says it will release more Equation Group files of the same quality, unencrypted and free for everyone.

Via: Reuters