Shadow Brokers—the name used by a person or group that created seismic waves in August when it published some of the National Security Agency's most elite hacking tools—is back with a new leak that the group says reveals hundreds of organizations targeted by the NSA over more than a decade.
"TheShadowBrokers is having special trick or treat for Amerikanskis tonight," said the Monday morning post, which was signed by the same encryption key used in the August posts. "Many missions into your networks is/was coming from these ip addresses."
Monday's leak came as former NSA contractor Harold Thomas Martin III remains in federal custody on charges that he hoarded an astounding 50 terabytes of data in his suburban Maryland home. Much of the data included highly classified information such as the names of US intelligence officers and highly sensitive methods behind intelligence operations. Martin came to the attention of investigators looking into the Shadow Brokers' August leak. Anonymous people with knowledge of the investigation say they don't know what connection, if any, Martin has to the group or the leaks.
Equation Group was originally a name researchers from Moscow-based Kaspersky Lab gave to an elite team of NSA-tied hackers who exploited some of the same then-unknown Windows flaws later targeted by the Stuxnet worm that attacked Iran's nuclear program. The group operated undetected for more than 14 years until Kaspersky researchers brought it to light. The researchers dubbed it "Equation Group," but there's no evidence that was the name anyone inside the group used. The people penning posts accompanying the leaks that started in August then used the Equation Group name when identifying the elite team the data and tools allegedly belonged to.
Our IP Address: