BBC News

Hackers auction files 'stolen from NSA'

image copyrightThinkstock

A group of hackers calling itself Shadow Brokers claims to have stolen a collection of malware files from a group linked to the US National Security Agency (NSA).

The hackers are holding a bitcoin auction and say they will give the code to the highest bidder.

Experts said that a sample they have released for verification could be genuine.

Whistle-blowing website Wikileaks tweeted that it also had the data.

In a message on file-sharing site Pastebin, Shadow Brokers describes its haul as "cyber weapons" and says it is offering programs "made by creators of Stuxnet, Duqu, Flame" - high profile forms of computer malware said to be government-sponsored.

The department Shadow Brokers claims to have stolen it from is named by security company Kaspersky as the Equation Group, which is believed to be linked to the US security services.

There is no end date for the auction, but the group says that it will send decryption instructions to the winner "when we feel it is time to end".

image copyrightTwitter / WikiLeaks

It also says it may release the code for free if it receives bids totalling more than one million bitcoins (£438m).

But all bidders must pay the full amount up front and will not be refunded even if theirs is not the winning bid.

Shadow Brokers' account on Tumblr has disappeared.

And it does not commit to honouring any of its promises.

In an FAQ about trust, it says: "No trust, risk. You like reward, you take risk, maybe win, maybe not, no guarantees."

It also claims the Equation Group does not know what has been stolen.

Cybersecurity expert Dr Steven Murdoch, from University College London, told the BBC: "It is extraordinary that a government based (or at least government supported) group would get comprehensively hacked, but there is evidence indicating that this may have actually happened,"

"Now that the vulnerabilities that the group were exploiting have been disclosed, they will be fixed and new ones will have to be discovered, at significant expense.

"However, if indeed these techniques were used by the NSA, they will be very worried that there is now enough information leaked that would allow forensics experts to attribute hacking attacks to the NSA, both disrupting ongoing operations and causing embarrassment."

Related Topics

  • Cyber-security
  • Cyber-attacks

More on this story

  • 'Project Sauron' malware hidden for five years