The Shadow Brokers released the password for the NSA hacking tools, which the hacking group previously tried to sell, because they are angry with Trump. Credit: George Hodan Ticked at President Trump, the Shadow Brokers hacking group released the password for the NSA hacking tools they previously tried to sell.In an open letter to President Donald Trump, the group asked, “Respectfully, what the f**k are you doing?” In broken English, they accused the president of “abandoning ‘your base,’ ‘the movement,’ and the peoples who getting you elected.”After a “quick review” of the tools unlocked with the password, Edward Snowden noted that “it’s nowhere near the full library, but there’s still so much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can’t, it’s a scandal.”Snowden later pointed out that researchers had determined the Shadow Broker’s file contained “a list of allies’ civil infrastructure unlawfully hacked by the NSA.” On that leaked list of NSA targets, Snowden said, “Universities are distressingly over-represented.” Universities are distressingly over-represented in the leaked list of NSA targets. Terrible precedent for US to set; hurts us the most. https://t.co/ZxWXlTMto2— Edward Snowden (@Snowden) April 9, 2017Researcher “gray”—aka @666glen666—said the Shadow Broker’s files included “source files for PITCHIMPAIR, the program NSA used to exploit university servers,” as well as “SIDETRACK, the implant used in PITCHIMPAIR.” More NSA targets and the list of implants used against them can be found here.Most of the exploits are old, but there are still interesting tidbits to be learned, as was pointed out by security researcher Tavis Ormandy; the NSA had been exploiting a weakness in Linux for years before it was finally patched. There is speculation that the Shadow Brokers may still be holding onto some of the newer exploits. Besides universities, the NSA compromised numerous organizations to use as staging points to launch attacks and deploy malware. A researcher going by x0rz has tweeted some interesting findings from the NSA hacking tools unlocked with the released password. You can also find good dirt x0rz posted on GitHub, including how the Equation Group was especially interested in GSM core networks.The Shadow Brokers claimed they stole the hacking tools from the NSA-linked Equation Group. When the hacking group first hit the scene in 2016, they leaked some files for free so security researchers could confirm what the group had. More cyber weapon files were encrypted with a password, which the group said it would hand over for 1 million bitcoins. But the auction didn’t go like the group hoped, so the Shadow Brokers released hacking tools that could be used against Windows in January as they called it quits.Not Russian-linked hackers, but former intelligence agency insidersThe timing of the group’s retirement, right before Trump’s inauguration, fed the fires of speculation that the Shadow Brokers had Russian links. This was something the group addressed in its latest letter.“For peoples still being confused about TheShadowBrokers and Russia,” they wrote. “If theshadowbrokers being Russian don’t you think we’d be in all those U.S. government reports on Russian hacking? TheShadowBrokers isn’t not fans of Russia or Putin but ‘The enemy of my enemy is my friend’.”Other experts did not believe the group had Russian ties at all, but consisted of a single person. A former NSA employee told Motherboard, “My colleagues and I are fairly certain that this was no hack, or group for that matter. This ‘Shadow Brokers’ character is one guy, an insider employee.”Additionally, NSA whistleblower William Binney and James Bamford, author of books on the NSA, both believe an insider, not Russia, snagged the cyber arsenal from the NSA. If the Shadow Brokers are to be believed, members of the group were once insiders. The post on Medium stated, “Did you know most of theshadowbrokers’ members have taken the oath ‘…to protect and defend the constitution of the United States against all enemies foreign and domestic…’. Yes sir! Most of us used to be TheDeepState everyone is talking about. But we realized TheDeepState is being the enemy of the constitution, individualism, life, liberty, and the pursuit of happiness.”As for releasing the password to the files purportedly tied to NSA tools, the group doesn’t believe this makes them traitors. Instead, they said, “We view this as keeping our oath to protect and defend against enemies foreign and domestic.” Related content news Dow Jones watchlist of high-risk businesses, people found on unsecured database A Dow Jones watchlist of 2.4 million at-risk businesses, politicians, and individuals was left unprotected on public cloud server. By Ms. Smith Feb 28, 2019 4 mins Data Breach Hacking Security news Ransomware attacks hit Florida ISP, Australian cardiology group Ransomware attacks might be on the decline, but that doesn't mean we don't have new victims. A Florida ISP and an Australian cardiology group were hit recently. By Ms. Smith Feb 27, 2019 4 mins Ransomware Security news Bare-metal cloud servers vulnerable to Cloudborne flaw Researchers warn that firmware backdoors planted on bare-metal cloud servers could later be exploited to brick a different customer’s server, to steal their data, or for ransomware attacks. By Ms. Smith Feb 26, 2019 3 mins Cloud Computing Security news Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users Flaws in Bigscreen could allow 'invisible Peeping Tom' hackers to eavesdrop on Bigscreen VR users, to discreetly deliver malware payloads, to completely control victims' computers and even to start a worm infection spreading through VR By Ms. Smith Feb 21, 2019 4 mins Hacking Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe