Last year, hacking group TheShadowBrokers released a number of NSA exploits into the wild, showing how the agency was able to exploit big-name firewalls. At the same time it also released a second cache of documents, encrypted and password protected. Now, in protest against Donald Trump, the group has released the password for the encrypted data.
TheShadowBrokers used a Medium post over the weekend to express their disgust at Trump’s presidency. The documents and tools released allegedly demonstrate that the US government, through the NSA, has been actively hacking foreign government networks, and reveal an exploit for the Unix-based Solaris operating system.
The post on Medium takes the form of a letter to President Trump, saying that TheShadowBrokers voted for the billionaire but subsequently became disappointed in what he has done. The group says that as well as failing to live up to expectations, Trump has focused on the wrong things, pointing out his obsession with “fake news” as a case in point:
– Don’t care what is written in the NYT, Washington Post, or any newspaper, so just ignore it.
The post is a rambling and somewhat unstructured rant, but it signs off by saying:
Be considering this our form of protest. The password for the EQGRP-Auction-Files is CrDj”(;Va.*NdlnzB9M?@K2)#>deB7mN
The password has been tested, and does decrypt last year’s cache of files. Unsurprisingly, it did not take Edward Snowden long to speak out:
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.
— Edward Snowden (@Snowden) April 8, 2017
He also suggests that it should be fairly easy for the NSA to determine the source of the leak, and points out that the documents include evidence that the agency hacked US allies:
It hasn’t been reported by anyone yet as far as I’ve seen, but aside from the leak itself, it may be the most newsworthy thing in there. https://t.co/ZxWXlTMto2
— Edward Snowden (@Snowden) April 9, 2017
This is something that security consultant Kevin Mitnik also confirms:
This is interesting. A list of NSA targets and the specific implants installed (IP address included).https://t.co/d0A950lD3t#ShadowBrokers
— Kevin Mitnick (@kevinmitnick) April 9, 2017
Photo credit: 360b / Shutterstock