This story is over 5 years old.


‘Shadow Brokers’ Whine That Nobody Is Buying Their Hacked NSA Files

The mysterious hacking group is lashing out at people for not bidding on their stolen malware tools.
Janus Rose
New York, US
Image: Joffi/Pixabay.

The hacking group responsible for stealing a large cache of National Security Agency hacking tools is very upset that no one seems to be bidding on their pilfered files.

Early Saturday morning, the person or group which calls itself "TheShadowBrokers" authored another bizarre rant, expressing their annoyance at the seeming lack of interest in ponying up bitcoins to release the full set of stolen files.


"Peoples is having interest in free files … But people is no interest in #EQGRP_Auction," the mysterious hacker group complained in a ranting post on Medium, which seems to be purposely written in Borat-style broken English. "TheShadowBrokers is thinking this is information communication problem."

The message also blindly lashes out at hackers, foreign intelligence services, and basically anyone else who hasn't bid on the files.

"TheShadowBrokers … is thinking peoples is having more balls, is taking bigger risks for to make advantage over adversaries," the group adds. "Equation Group is pwning you everyday, because you are giant fucking pussies."

So Shadow Brokers are implicitly criticising me for not buying their zero days, or what? Mustafa Al-BassamOctober 1, 2016

TheShadowBrokers originally made headlines after posting a sample of the cache, which contained exploit code matching the names and functionality of several previously-revealed NSA hacking tools. The contents and organization of the files led experts to conclude that they were accidentally left behind on a compromised server once used as a staging area by an NSA-linked hacking entity called Equation Group.

That theory was reinforced last week, when Reuters reported that "four people with direct knowledge" of an FBI investigation into the leak had stated that the files were found by Russian hackers after NSA operatives "mistakenly" abandoned them on a remote server. There is still no conclusive evidence that TheShadowBrokers is associated with Russian intelligence services, however.

Motherboard reached out to the hackers and will post an update if we receive a response. However, the group stated in their Medium post that they would only agree to interviews if offered money.

Of course, it's not exactly surprising that no one is rushing to bid on the group's stolen files. While the tools are likely legit, the high profile of the leak makes it insanely risky, and the suspected age of the exploit code makes it unclear whether the hacks are even still effective.

At the time of this writing, TheShadowBrokers have only received bids for a total of 1.76 bitcoins—or about $1,082—far below the group's asking price of $1 million.