Skip to Content

Hackers Claim to Be Selling Secret U.S. Spy Software

A group called the Shadow Brokers appears to be in possession of NSA code, though it’s unclear exactly how powerful it is.
August 16, 2016

A hacker group claims to be selling U.S. government cyber spying tools in an online auction, and experts suggest the software belongs to the National Security Agency.

The previously unknown hacking collective, which calls itself the Shadow Brokers, claims to have stolen code from the computer espionage team known as the Equation Group—a secretive organization identified last year by Russian security firm Kaspersky. At the time, Reuters claimed that the Equation Group was the work of the U.S. National Security Agency.

The Shadow Brokers have released sample code from its alleged hack on the website Pastebin to prove its legitimacy to potential buyers. The collective claims that the software it has published can be used to break into firewall software from companies like Cisco Systems and Juniper Networks. A security expert speaking to Reuters says the code that has been made public “appears to be relatively old.” But several security experts have told the Wall Street Journal that it does at least appear to be genuine, and one claims that it looks “like a tool kit from the NSA.”

NSA headquarters in Fort Meade, Maryland.

Edward Snowden has also published a series of tweets suggesting that he also believes these pieces of software originate from the government organization. He speculates that the hack may have been made possible if NSA employees left code on staging servers following an operation, leaving it available for a third party that was monitoring its operations to discover. That’s a slightly more nuanced description than the account published in broken English by the hackers themselves:

We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.

According to Snowden, it wouldn’t be the first time the NSA has been hacked in this way. “The hack of an NSA malware staging server is not unprecedented, but the publication of the take is,” he explained on Twitter. “Circumstantial evidence and conventional wisdom indicates Russian responsibility. This leak is likely a warning that someone can prove U.S. responsibility for any attacks that originated from this malware server. That could have significant foreign policy consequences.”

Despite Snowden’s assertion about Russian involvement, it still remains unclear who is behind this particular operation. It’s also unknown how up-to-date or powerful the rest of the code obtained by the Shadow Brokers actually is. Perhaps unsurprisingly, the hackers reckon that the software being auctioned off is of higher quality than the code the group freely published, claiming that the tools it’s selling are “better than Stuxnet.”

The highest bidder will get to find out. Or for the princely sum of one million bitcoins (about $568 million), the Shadow Brokers say, they will publish the code publicly so the entire world can see it. The true cost, however, may yet prove to fall on the NSA.

(Read more: Wall Street Journal, Paste Bin)

Keep Reading

Most Popular

It’s time to retire the term “user”

The proliferation of AI means we need a new word.

Sam Altman says helpful agents are poised to become AI’s killer function

Open AI’s CEO says we won’t need new hardware or lots more training data to get there.

An AI startup made a hyperrealistic deepfake of me that’s so good it’s scary

Synthesia's new technology is impressive but raises big questions about a world where we increasingly can’t tell what’s real.

Taking AI to the next level in manufacturing

Reducing data, talent, and organizational barriers to achieve scale.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.