SecurityWeek

Cyberwarfare

Snowden Documents Show NSA Leak is Real: Report

Previously unpublished documents released by former National Security Agency contractor Edward Snowden confirm that some of the spy agency’s top-secret code has been leaked or hacked, The Intercept reported Friday.

The online news site’s editors include journalists who worked with Snowden to publicize his notorious 2013 NSA leak revealing the extent of government snooping on private data.

The Intercept said Snowden had given the site a classified draft NSA manual on how to implant malware — malicious code that is used to monitor or control someone else’s computer.

Whether code published online by a mysterious group called “Shadow Brokers” is genuine has been the source of much debate in recent days.

The NSA has steadfastly declined to comment on whether it has been the victim of a security breach.

Over the weekend, the Shadow Brokers posted two sets of files, one that is freely accessible and another that remains encrypted.

They said they would release this additional information subject to raising one million Bitcoins — digital currency, in this case worth about $575 million — through an online auction.

According to The Intercept, the draft NSA manual contains instructions to NSA operators telling them to use a specific string of characters associated with the SECONDDATE malware program.

The exact same characters appear throughout parts of the Shadow Brokers leak, The Intercept said.

According to The New York Times, much of the code was created to peer through the computer firewalls of foreign powers like China, Iran and Russia.

Such access would enable the NSA to plant malware in rivals’ systems and monitor — or even attack — their networks.

Whoever obtained the code would have had to break into NSA servers that store the files, the Times said.

Related: Cisco finds zero-day vulnerability leaked by Shadow Brokers

Written By

AFP 2023
