
The Leaked NSA hacking timeline

Timeline of NSA hacking tools leaked by the ShadowBrokers group

  • August 2016: A group calling itself “ShadowBrokers” asked for 1 million Bitcoins (around $568 million) in an auction to release the ‘best’ cyber weapons and more files made by the NSA (a United States intelligence organization).

  • August 19, 2016: Cisco confirmed a zero-day RCE vulnerability (CVE-2016-6366) found in the NSA’s exploits.

  • October 31, 2016: The ShadowBrokers published a list of foreign servers in various countries allegedly compromised by the NSA-linked hacking unit, Equation Group, to expand its espionage operations.
    – The top 10 targeted countries include China, Japan, Korea, Spain, Germany, India, Taiwan, Mexico, Italy, and Russia.
    – The targeted systems are Solaris, Unix, Linux and FreeBSD.
    – Download link for the leaked information: https://mega.nz/#F!D1Q2EQpD!Lb09shM5XMZsQ_5_E1l4eQ

  • December 14, 2016: After the failed auction, the ShadowBrokers appeared to have put up the NSA hacking tools and exploits for direct sale on an underground website.

  • January 10, 2017: The ShadowBrokers group is selling another package of hacking tools, “Equation Group Windows Warez”, which includes Windows exploits and antivirus bypass tools stolen from the NSA-linked hacking unit.

  • March 07, 2017: WikiLeaks published thousands of documents revealing top CIA hacking secrets, including the agency’s ability to break into iPhones, Android phones, smart TVs, and Microsoft, Mac and Linux operating systems. The release includes a total of 8,761 documents. Read more about the leak at https://wikileaks.org/ciav7p1/

  • April 08, 2017: The ShadowBrokers group published a set of tools stolen from the NSA’s arsenal of hacking tools.
    – GitHub repository: https://github.com/misterch0c/shadowbroker
    – The hacking tools named include OddJob, EasyBee, EternalRomance, FuzzBunch, EducatedScholar, EskimoRoll, EclipsedWing, EsteemAudit, EnglishMansDentist, MofConfig, ErraticGopher, EmphasisMine, EmeraldThread, EternalSynergy, EwokFrenzy, ZippyBeer, ExplodingCan, DoublePulsar, and others.

  • April 08, 2017: The ShadowBrokers group published more stolen NSA hacking tools and scripts, including:
    – rpc.cmsd, a remote root zero-day exploit for Solaris, the Oracle-owned Unix-based operating system.
    – The TOAST framework, which the NSA’s TAO (Tailored Access Operations) team used to clean logs of Unix wtmp events.
    – The Equation Group’s ElectricSlide tool, which impersonates a Chinese browser with a fake Accept-Language header.
    – Evidence of the NSA operators’ access inside the GSM network of Mobilink, one of Pakistan’s popular mobile operator companies.
    – GitHub repository: https://github.com/x0rz/EQGRP

  • April 14, 2017: New update in a GitHub repository, which includes 3 new folders: Windows, Swift, and OddJob. Read more about this update from:

  • April 22, 2017: A leaked NSA hacking tool named DoublePulsar is being used to hack thousands of vulnerable Windows PCs (including Windows XP, Windows Server 2003, Windows 7 and 8, and Windows 2012).

  • May 12, 2017: The outbreak of a new ransomware called WannaCry. A zero-day vulnerability in the Windows SMB protocol (port 445) named EternalBlue (CVE-2017-0143) and the DoublePulsar backdoor developed by the NSA have been used to compromise hundreds of thousands of computers worldwide.
    – More about the WannaCry ransomware: https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168

  • May 25, 2017: Over 24,000 PCs are still vulnerable to EsteemAudit, another dangerous NSA-developed Windows hacking tool leaked by the Shadow Brokers that targets the RDP service (port 3389) on Microsoft Windows Server 2003 / Windows XP machines.

  • July 06, 2017: WikiLeaks unveils CIA implants that steal SSH credentials from the OpenSSH client on various Linux distributions, including CentOS, Debian, RHEL (Red Hat), openSUSE and Ubuntu.


The Hacker News
