This story is over 5 years old.


​Why Github Removed Links to Alleged NSA Data

Github has hosted hacked data before but swiftly removed links related to the alleged NSA breach.
Image: 360b/Shutterstock

Over the past few days, researchers have pored over dumped data allegedly belonging to a group associated with the NSA. The data, which contains a number of working exploits, was distributed via Dropbox, MEGA, and other file sharing platforms.

The files were also linked to from a page on Github, but the company removed it fairly swiftly—despite having hosted plenty of hacked material in the past. It turns out that removal was not due to government pressure, but because the hacker or hackers behind the supposed breach were asking for cash to release more data.


"Per our Terms of Service (section A8), we do not allow the auction or sale of stolen property on GitHub. As such, we have removed the repository in question," Kate Guarente, from Github's communications team, told Motherboard in a statement.

Specifically, that section of Github's Terms of Service says, "You may not use the Service for any illegal or unauthorized purpose. You must not, in the use of the Service, violate any laws in your jurisdiction (including but not limited to copyright or trademark laws)."

"The Shadow Brokers," the hacker or hackers who released the data, said they would publish more if they were paid the rather extraordinary fee of 1 million bitcoin (approximately $568 million). This attempted fundraiser is presumably the auction or sale of stolen property that the company's statement refers to.

Github has previously hosted hacked data, although not for sale. Back in July of last year, someone uploaded parts of the Hacking Team breach onto Github. These included database components for the Italian surveillance company's main product RCS, an exploit repository, and RCS malware for various operating systems. That data is still sat on Github, free for anyone to download.

Github's removal doesn't necessarily affect the spread of this data: the alleged NSA exploits are still available from some sources the site removed links to.