Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public.  (Photo: Ulrich Baumgarten/Getty Images)

The NSA Was Hacked, Snowden Documents Confirm

A top-secret NSA guide, provided by whistleblower Edward Snowden and previously unpublished, confirms that hackers have in fact breached a computer system controlled by the NSA

On Monday, a hacking group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide.

The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA’s virtual fingerprints and clearly originates from the agency.

The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public. The draft manual instructs NSA operators to track their use of one malware program using a specific 16-character string, “ace02468bdf13579.” That exact same string appears throughout the ShadowBrokers leak in code associated with the same program, SECONDDATE.

SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don’t always have the last word when it comes to computer exploitation.

But malicious software of this sophistication doesn’t just pose a threat to foreign governments, Johns Hopkins University cryptographer Matthew Green told The Intercept:

The danger of these exploits is that they can be used to target anyone who is using a vulnerable router. This is the equivalent of leaving lockpicking tools lying around a high school cafeteria. It’s worse, in fact, because many of these exploits are not available through any other means, so they’re just now coming to the attention of the firewall and router manufacturers that need to fix them, as well as the customers that are vulnerable.

So the risk is twofold: first, that the person or persons who stole this information might have used them against us. If this is indeed Russia, then one assumes that they probably have their own exploits, but there’s no need to give them any more. And now that the exploits have been released, we run the risk that ordinary criminals will use them against corporate targets.

The NSA did not respond to questions concerning ShadowBrokers, the Snowden documents, or its malware.

Read the full article at The Intercept.


© 2021 The Intercept

We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.

'We Will Be on the Streets': Lula Vows Resolve as Brazil Heads Toward Runoff

"We don't have a break. We are going to work hard," said the leftist former president. "And we have 28 more days."

Jake Johnson ·


Brazil Votes Live: Lula Wins the First Round Over Far-Right Bolsonaro; Runoff Oct. 30

Lula took the lead as more rural votes counted but failed to reach 50%

Common Dreams staff ·


'Enough is Enough': Hundreds of Thousands March Across the UK

'As wages fall while profits soar, our message is clear... We are here to win.'

Common Dreams staff ·


California Gov. Newsom Proposes Windfall Profits Tax on Big Oil

Calls for windfall profits taxes have increased globally in recent weeks

Common Dreams staff ·


'Incredible': Omar and Khanna Staffers Join Levin's Office in Unionizing

"It is long past time the United States Congress became a unionized workplace, and that includes my own staff," said Rep. Ilhan Omar. "I am proud of all the people on my team who have played a leading role in the staff unionization effort. Solidarity forever."

Jessica Corbett ·

Common Dreams Logo