Shadow Brokers have NSA tech on auction (Intercept)



Fanna
20th August 2016, 02:00
NSA leak is real, Snowden documents confirm (https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/).

The Shadow Brokers are tied to top secret NSA technology by evidence in their hack traces.



Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world.

Edward Snowden has been complaining for a while now about how these tools simply leave the US more open to attacks; by creating them (much less on tax dollars), they are endangering every nation on the planet to these kinds of attacks.


The inevitable consequence of maintaining known vulnerabilities in US products is their discovery by enemies.

— Edward Snowden (@Snowden) August 16, 2016

I encourage you all to check out the files, especially if you are into reading stuff with top secret labels on it.


Documents published with this story:

NSA Central Security Service: FOXACID SOP for Operational Management of FOXACID Infrastructure (Draft)
Wireless LAN / CNE Tool Training Course and Evaluation
Course introduction
Introduction to WLAN / 802.11 Active CNE Operations
Introduction to BADDECISION
NSA: Expeditionary Access Operations: NSA’s Close Access Network Exploitation Program (“CNO Course – EAO”)
NSA Remote Operations Center: FOXACID Overall Briefing
NSA SIGINT Development (SIGDEV): SIGINT Development Support II Program Management Review, 24 April 2013 (select slides)

LivioRazlo
20th August 2016, 03:22
Already downloaded the files and checked out the source code. They are the real deal. Some real nasty malware in there and it gave me some ideas...

Bob
20th August 2016, 03:41
LivioRazlo - Foxacid is about attacking users who use TOR, correct?

LivioRazlo
20th August 2016, 16:52
LivioRazlo - Foxacid is about attacking users who use TOR, correct?

Correct. Foxacid is a unit within the NSA, I believe, and their speciality is sniffing out users who like Tor and Firefox.

korgh
22nd August 2016, 22:26
Already downloaded the files and checked out the source code. They are the real deal. Some real nasty malware in there and it gave me some ideas...
Nice catch, Sir!
What about sharing some knowledge? :)

Hervé
22nd August 2016, 22:40
LivioRazlo - Foxacid is about attacking users who use TOR, correct?

See this post for some more details on the operation: NSA Treats and Tricks (http://projectavalon.net/forum4/showthread.php?92719-NSA-Treats-and-Tricks)

Bob
23rd August 2016, 00:40
LivioRazlo - Foxacid is about attacking users who use TOR, correct?

See this post for some more details on the operation: NSA Treats and Tricks (http://projectavalon.net/forum4/showthread.php?92719-NSA-Treats-and-Tricks)

Have reviewed. It is certainly mind-blowing that everyone now is 'free-range-game' for the Agency.

Hervé
23rd August 2016, 12:37
Hacking tools stolen from NSA show Chinese cyberfirms were targeted, experts say (http://www.veteranstoday.com/2016/08/22/hacking-tools-stolen-from-nsa-show-chinese-cyberfirms-were-targeted-experts-say/)

By Ian Greenhalgh (http://www.veteranstoday.com/author/iangreenhalgh/) on August 22, 2016

One victim was Topsec, a Beijing-based company that provides network security for the government and PLA, according to analysts.




[ Editor’s note: The cyber wars, while far less public than the actual shooting wars, are no less real and sometimes no less damaging to the nation states under attack.



We have seen Russia turn to domestic microprocessors and software for their governmental and military computing needs, casting aside Intel, Microsoft and other US companies for the simple reason that they cannot trust US products not to be fatally compromised by so-called ‘back doors’ and other exploits that would threaten the security of the systems they are part of.



Now China is following suit, a move which will displease the US for multiple reasons; publicly they will talk about the loss of exports, privately they will be upset that this move will make cyber-espionage a much more difficult proposition... Ian (http://www.veteranstoday.com/staff-writers/)]

__________


South China Morning Post

Hacking tools stolen from NSA show Chinese cyberfirms were targeted, experts say (http://www.scmp.com/news/china/diplomacy-defence/article/2006313/hacking-tools-stolen-nsa-show-chinese-cyberfirms-were)

Hacking tools claimed to be pilfered from the US National Security Agency reveal a severe security threat to China, mainland experts say, with a leading national provider of network security said to be among the victims of the government hackers.

Some of the data was released online over the weekend by the Shadow Brokers, an anonymous group of hackers which said it took them from the “Equation Group”, an elite espionage team widely believed to be operated by the NSA. An increasing number of security experts have since said the data appeared to be legitimate.

Topsec is one of the largest security hardware suppliers in China, as big as Huawei. American cybersecurity firm Risk Based Security studied the release and found one victim was Beijing Topsec Network Security Technology, which provides firewall services to government arms, including the tax bureau, as well as the military.

An analysis of the data by mainland cybersecurity company Rising showed China was at a severe risk.
“We can tell for certain now that some attacks have been carried out against China,” Rising senior engineer Tang Wei said. “Topsec has been compromised; they are one of the largest security hardware suppliers in China, as big as Huawei.”
Topsec provided internet security services for aspects of national space projects, including the maiden launch of the Long March 7 rocket in June and the docking of the Tiangong-1 space station with the Shenzhou-9 and Shenzhou-8 spacecrafts.

Topsec has also provided information security for several international events held in China, such as the 2008 Beijing Summer Olympics, the 2010 Shanghai Expo and the World Internet Conference in Wuzhen in Zhejiang province last year.

China and the US have traded accusations of hacking for years, but in 2013 former American intelligence analyst Edward Snowden revealed details about the extent of the NSA’s global surveillance programmes. He provided documents that showed the NSA was carrying out extensive hacking of major telecoms providers in China, and the Hong Kong headquarters of Pacnet, which owns a key fibre-optic submarine cable in the region.

A year later the US Justice Department charged five officers in the People’s Liberation Army over computer hacking and economic espionage.

Since the Snowden incident, China has replaced network components developed by overseas companies such as Cisco Systems to prevent infiltrators from exploiting “back doors”. But the code, which was created in 2010 and updated constantly until 2013, suggested domestic providers could be vulnerable to overseas attacks too, experts said.

According to Tang, hackers could target vulnerabilities in firewall equipment and infiltrate internal networks run by commercial organisations or the government without being detected. “Many Chinese security companies, including us, are studying the data to patch up security loopholes. But what worries us most is that the tools have been disclosed,” Tang said.

Another security expert, who declined to be named, said that although Topsec might not have the best engineers or technology among mainland cybersecurity companies, they were closest to the government. “In terms of government and military purchases, they are No 1, no doubt, leaving the runner-up nearly a block behind,” the source said.

In addition to Topsec, three American companies – Cisco, Juniper Networks and Fortinet – were targeted by the Equation Group, according to the analysis by Risk Based Security.

Another Chinese firm, Shaanxi Networkcloud Information Technology, was also targeted, according to a blog post by Nicholas Weaver, a researcher at the International Computer Science Institute in California. Networkcloud, located in Shaanxi province, is a distributor for Topsec, according to its website.

Both Chinese companies did not immediately respond to inquiries by the South China Morning Post.

The Shadow Brokers is auctioning the remaining tools to the highest bidder, saying that it will release them publicly if it receives 1 million bitcoins, valued at roughly US$568 million.

____________