Hackers going by the name Shadow Brokers said on Monday that they will auction stolen surveillance tools they say were used by a cyber group linked to the US National Security Agency.
To arouse interest in the auction, the hackers released samples of programs they said could break into popular firewall software made by companies including Cisco Systems, Juniper Networks and Fortinet Inc.
Neither the companies nor the NSA respond to request for comment.
Promise of a Cyber Weapon Deadlier than Stuxnet
Writing in imperfect English, the Shadow Brokers promised in postings on a Tumblr blog that the auctioned material would contain “cyber weapons” developed by the Equation Group, a hacking group that cyber security experts widely believe to be an arm of the NSA.
The Shadow Brokers said the programs they will auction will be “better than Stuxnet,” a malicious computer worm widely attributed to the United States and Israel that sabotaged Iran’s nuclear program.
Experts Call For Calm
Shadow Brokers could not be contacted and their assertions remain unverified. However, some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage.
Claudio Guarnieri, Researcher
The data [released so far] appears to be relatively old; some of the programs have already been known for years to cause [no] significant operational damage.
Still, they appeared to be genuine tools that might work if flaws have not been addressed. After examining the code released Monday, Matt Suiche, founder of UAE-based security startup Comae Technologies, concluded they looked like they “could be used.”
Other security experts warned the posting could prove to be a hoax. The group said interested parties had to send funds in advance of winning the auction via Bitcoin currency and would not get their money back if they lost.
The auction will end at an unspecified time, Shadow Brokers said, encouraging bidders to “keep bidding until we announce winner.”
(This article has been published in an arrangement with Reuters.)