A group of hackers with the handle “The Shadow Brokers” claims to have penetrated an NSA-backed hacking operation.

The group has leaked a bunch of hacking tools it claims is from the NSA, and they are also currently hosting a Bitcoin auction to sell it off even more data to the highest bidder.


“How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group,” The Shadow Group wrote in a manifesto posted on Pastebin, on GitHub.

“We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files,” wrote The Shadow Group.

Equation Group is believed to be a codename for a government hacking group, very likely the NSA.

In 2015, security researchers at Kaspersky Lab unveiled Equation Group, calling it “a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades.”

According to The Shadow Brokers, they hacked the Equation Group and stole some of its hacking tools, which they publicized on Saturday, tweeting a link to the manifesto to several media companies.

Some security experts believe the data may be legitimate, especially since the exploits look like the sort a group targeting a communications infrastructure would deploy.

At any rate, if it proves to be true, this would be one of the highest-profile and most serious hacks in a long time, or a hoax with a lot of effort put into it.