Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public.  (Photo: Ulrich Baumgarten/Getty Images)

The NSA Was Hacked, Snowden Documents Confirm

A top-secret NSA guide, provided by whistleblower Edward Snowden and previously unpublished, confirms that hackers have in fact breached a computer system controlled by the NSA

On Monday, a hacking group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide.

The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA’s virtual fingerprints and clearly originates from the agency.

The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public. The draft manual instructs NSA operators to track their use of one malware program using a specific 16-character string, “ace02468bdf13579.” That exact same string appears throughout the ShadowBrokers leak in code associated with the same program, SECONDDATE.

SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don’t always have the last word when it comes to computer exploitation.

But malicious software of this sophistication doesn’t just pose a threat to foreign governments, Johns Hopkins University cryptographer Matthew Green told The Intercept:

The danger of these exploits is that they can be used to target anyone who is using a vulnerable router. This is the equivalent of leaving lockpicking tools lying around a high school cafeteria. It’s worse, in fact, because many of these exploits are not available through any other means, so they’re just now coming to the attention of the firewall and router manufacturers that need to fix them, as well as the customers that are vulnerable.

So the risk is twofold: first, that the person or persons who stole this information might have used them against us. If this is indeed Russia, then one assumes that they probably have their own exploits, but there’s no need to give them any more. And now that the exploits have been released, we run the risk that ordinary criminals will use them against corporate targets.

The NSA did not respond to questions concerning ShadowBrokers, the Snowden documents, or its malware.

Read the full article at The Intercept.


© 2021 The Intercept

This is the world we live in. This is the world we cover.

Because of people like you, another world is possible. There are many battles to be won, but we will battle them together—all of us. Common Dreams is not your normal news site. We don't survive on clicks. We don't want advertising dollars. We want the world to be a better place. But we can't do it alone. It doesn't work that way. We need you. If you can help today—because every gift of every size matters—please do. Without Your Support We Simply Don't Exist.

'This Is Big': House Passes Amendment to Cut US Complicity in Saudi Bombing of Yemen

The vote, said Rep. Ro Khanna, "sent a clear message to the Saudis: end the bombing in Yemen and lift the blockade."

Andrea Germanos ·


'Hold Strong': Coalition Urges House to Reject Bipartisan Bill Until Reconciliation Package Passed

The bipartisan infrastructure bill "doesn't contain the climate solutions and care, education, and economic investments we need," more than 90 progressive groups wrote in a letter.

Kenny Stancil ·


New Legal Campaign Aims to Protect People and Nature From Polluters' 'Irreparable Damage'

"States must listen to communities' demands to recognize the human right to a healthy environment and better regulate businesses with respect to the impacts of their operations."

Jessica Corbett ·


'You Tell Me What We Should Cut': Sanders Not Budging on $3.5 Trillion

"Poll after poll tells me, and tells you, that what we are trying to do is enormously popular."

Jake Johnson ·


Civil Rights Leaders Decry Senate's Failure to Pass Police Reform Bill

"We will continue to fight and advocate for legislation worthy of George Floyd's name," vowed the heads of seven advocacy groups.

Brett Wilkins ·

Support our work.

We are independent, non-profit, advertising-free and 100% reader supported.

Subscribe to our newsletter.

Quality journalism. Progressive values.
Direct to your inbox.

Subscribe to our Newsletter.


Common Dreams, Inc. Founded 1997. Registered 501(c3) Non-Profit | Privacy Policy
Common Dreams Logo