Advertisement

Someone bid $9,000 worth of bitcoin for supposed NSA exploits

In August, a group of supposed hackers calling themselves the Shadow Brokers leaked a trove of outdated NSA-linked cyber weapons and encouraged observers to bid on software exploits they had stolen. On Wednesday, someone paid the group $9,000 worth of bitcoin, based on publicly visible transaction records. The mysterious payment represents the single largest bid made to a bitcoin wallet previously listed by the Shadow Brokers.
HackForums
(Peter Taylor / Flickr)

In August, a group of supposed hackers calling themselves the Shadow Brokers leaked a trove of outdated NSA-linked cyber-weapons and encouraged observers to bid on software exploits they had stolen. On Wednesday, someone paid the group $9,000 worth of bitcoin, based on publicly visible transaction records. The mysterious payment represents the single largest deposit made to a bitcoin wallet previously listed by the Shadow Brokers.

While the aforementioned bitcoin wallet had seen past activity in the form of small deposits ranging from just a few cents to several hundreds of dollars, Wednesday’s payment is by far the largest contribution. Bitcoin is an anonymous digital currency that is sold, traded, accepted and tracked online.

Advertisement

Former NSA contractor and Booz Allen Hamilton employee Harold Martin is one of the prime suspects behind the Shadow Brokers leaks, according to The Washington Post. He was arrested by the FBI on Aug. 27 for allegedly stealing more than 50 terabytes’ worth of data over the course of a two-decade career working for both the NSA and Office of the Director of National Intelligence. Although Martin was arrested in late August, subsequent communications from the Shadow Brokers has indicated the involvement of others.

Investigators say Martin was communicating online with various individuals in Russian.

Screen Shot 2017-01-04 at 1.00.06 PM

SB bitcoin wallet address page

The $9,000 payment comes about three months after someone claiming to represent the group wrote a Medium post in which the author provides a list of IP addresses that were supposedly once used as staging servers by the Equation Group, an elite hacking unit widely believed to be affiliated with the NSA. That message was signed with the same PGP key used to sign a previous post.

In older Medium posts signed by the Shadow Brokers, the group described a frustration with the lack of bidding and attention from mainstream media outlets. Since emerging into public view, the group has changed the price and format of its auction multiple times.

Advertisement

Cybersecurity experts say that past leaks by the group contained legitimate exploits capable of penetrating systems.

Most recently, the Shadow Brokers advertised a crowdsourced fundraising dynamic, where the code behind the digital weapons would be openly published once the offering reached a monetary goal of roughly $7,070,300 in bitcoin. Even with the $9,000 deposit, the ShadowBrokers are still short of that goal by about $7,059,000.

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts