Home Security Hacker group claims NSA Windows exploits for sale

Hacker group claims NSA Windows exploits for sale

The hacking group known as Shadow Brokers has released details of a number of tools that can be used to exploit Windows systems, all of which it claims are from the NSA.

The group gained prominence last year when it advertised a number of tools for sale, all of which it had come into possession of by hacking an entity known as the Equation Group. The latter has long suspected of being a front for the NSA.

The tools were verified to be NSA material by a number of sources.

The current exploits which have been listed by the Shadow Brokers include tools to evade anti-virus products, according to Jacob Williams, the founder of Rendition Infosec.

Shadow Brokers advertised the availability of these tools on its Twitter account, with a number of screenshots as well.

Williams wrote that the list of exploits indicated that among them, based on the asking price, was a possible zero-day for the server message block protocol.


One of the screenshots released by the Shadow Brokers, showing some of the exploits it has put up for sale.

Version numbers of the tools indicated that they were under development.

Several plugins were listed by Shadow Brokers as well, including one that had the name EventLogEdit, indicating that it could be used to clear event logs after an intrusion, an advanced capability that often ends up making a system unstable if done randomly.

Williams wrote: "While we understand that event logs can be cleared and event logging stopped, surgically editing event logs is usually considered to be a very advanced capability (if possible at all). We've seen rootkit code over the years (some was published on the now defunct rootkit.com) that supported this feature, but often made the system unstable in the process.

"Knowing that some attackers apparently have the ability to edit event logs can be a game changer for an investigation. If Shadow Brokers release this code to the world (as they've done previously), it will undermine the reliability of event logs in forensic investigations."


Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.