SYMBOLCOMMON_NAMEaka. SYNONYMS

The Shadow Brokers  (Back to overview)

aka: The ShadowBrokers, TSB, Shadow Brokers, ShadowBrokers

The Shadow Brokers (TSB) is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools from the National Security Agency (NSA, including several zero-day exploits.[1] Specifically, these exploits and vulnerabilities targeted enterprise firewalls, antivirus software, and Microsoft products. The Shadow Brokers originally attributed the leaks to the Equation Group threat actor, who have been tied to the NSA's Tailored Access Operations unit.


Associated Families

There are currently no families associated with this actor.


References
2018-10-19Kaspersky LabsAndrey Dolgushev, Dmitry Tarakanov, Vasily Berdnikov
@online{dolgushev:20181019:darkpulsar:c98e816, author = {Andrey Dolgushev and Dmitry Tarakanov and Vasily Berdnikov}, title = {{DarkPulsar}}, date = {2018-10-19}, organization = {Kaspersky Labs}, url = {https://securelist.com/darkpulsar/88199/}, language = {English}, urldate = {2019-12-20} } DarkPulsar
The Shadow Brokers
2017-11-27BlacklakeBrian Krebs
@online{krebs:20171127:who:8490729, author = {Brian Krebs}, title = {{WHO WAS THE NSA CONTRACTOR ARRESTED FOR LEAKING THE ‘SHADOW BROKERS’ HACKING TOOLS?}}, date = {2017-11-27}, organization = {Blacklake}, url = {https://blacklakesecurity.com/who-was-the-nsa-contractor-arrested-for-leaking-the-shadow-brokers-hacking-tools/}, language = {English}, urldate = {2019-11-25} } WHO WAS THE NSA CONTRACTOR ARRESTED FOR LEAKING THE ‘SHADOW BROKERS’ HACKING TOOLS?
The Shadow Brokers
2017-09-07HackReadAhmed Waqas
@online{waqas:20170907:new:e861013, author = {Ahmed Waqas}, title = {{New NSA Data Dump: ShadowBrokers Release UNITEDRAKE Malware}}, date = {2017-09-07}, organization = {HackRead}, url = {https://www.hackread.com/nsa-data-dump-shadowbrokers-expose-unitedrake-malware/}, language = {English}, urldate = {2020-01-07} } New NSA Data Dump: ShadowBrokers Release UNITEDRAKE Malware
The Shadow Brokers
2017-09-06SecurityAffairsPierluigi Paganini
@online{paganini:20170906:shadowbrokers:5909aa9, author = {Pierluigi Paganini}, title = {{ShadowBrokers are back demanding nearly $4m and offering 2 dumps per month}}, date = {2017-09-06}, organization = {SecurityAffairs}, url = {http://securityaffairs.co/wordpress/62770/hacking/shadowbrokers-return.html}, language = {English}, urldate = {2019-12-18} } ShadowBrokers are back demanding nearly $4m and offering 2 dumps per month
The Shadow Brokers
2017-04-18CyberScoopChris Bing
@online{bing:20170418:shadow:f8c81a6, author = {Chris Bing}, title = {{Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets}}, date = {2017-04-18}, organization = {CyberScoop}, url = {https://www.cyberscoop.com/nsa-shadow-brokers-leaks-iran-russia-optimusprime-stoicsurgeon/}, language = {English}, urldate = {2020-01-12} } Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets
The Shadow Brokers
2017-04-17CSO OnlineMichael Kan
@online{kan:20170417:new:6eb33c6, author = {Michael Kan}, title = {{New NSA leak may expose its bank spying, Windows exploits}}, date = {2017-04-17}, organization = {CSO Online}, url = {https://www.csoonline.com/article/3190055/new-nsa-leak-may-expose-its-bank-spying-windows-exploits.html}, language = {English}, urldate = {2019-12-24} } New NSA leak may expose its bank spying, Windows exploits
The Shadow Brokers
2017-04-10ThreatpostMichael Mimoso
@online{mimoso:20170410:shadowbrokers:99e90bc, author = {Michael Mimoso}, title = {{ShadowBrokers Dump More Equation Group Hacks, Auction File Password}}, date = {2017-04-10}, organization = {Threatpost}, url = {https://threatpost.com/shadowbrokers-dump-more-equation-group-hacks-auction-file-password/124882/}, language = {English}, urldate = {2020-01-10} } ShadowBrokers Dump More Equation Group Hacks, Auction File Password
The Shadow Brokers
2016-10-31SC Magazine UKRoi Perez
@online{perez:20161031:second:cd0db8c, author = {Roi Perez}, title = {{Second Shadow Brokers dump released}}, date = {2016-10-31}, organization = {SC Magazine UK}, url = {https://www.scmagazineuk.com/second-shadow-brokers-dump-released/article/1476023}, language = {English}, urldate = {2020-01-08} } Second Shadow Brokers dump released
The Shadow Brokers
2016-10-01Vice MotherboardJanus Rose
@online{rose:20161001:shadow:49e8aeb, author = {Janus Rose}, title = {{‘Shadow Brokers’ Whine That Nobody Is Buying Their Hacked NSA Files}}, date = {2016-10-01}, organization = {Vice Motherboard}, url = {https://www.vice.com/en_us/article/53djj3/shadow-brokers-whine-that-nobody-is-buying-their-hacked-nsa-files}, language = {English}, urldate = {2020-01-13} } ‘Shadow Brokers’ Whine That Nobody Is Buying Their Hacked NSA Files
The Shadow Brokers
2016-08-18WikipediaVarious
@online{various:20160818:shadow:31b54c8, author = {Various}, title = {{The Shadow Brokers}}, date = {2016-08-18}, organization = {Wikipedia}, url = {https://en.wikipedia.org/wiki/The_Shadow_Brokers}, language = {English}, urldate = {2020-01-08} } The Shadow Brokers
The Shadow Brokers
2016-08-16Mustafa Al-Bassam
@online{albassam:20160816:equation:e185e6b, author = {Mustafa Al-Bassam}, title = {{Equation Group firewall operations catalogue}}, date = {2016-08-16}, url = {https://musalbas.com/blog/2016/08/16/equation-group-firewall-operations-catalogue.html}, language = {English}, urldate = {2019-11-20} } Equation Group firewall operations catalogue
The Shadow Brokers

Credits: MISP Project