At the end of October, the hackers leaked a fresh dump containing a list of servers that were hacked by the NSA-linked group known as Equation Group.
The Equation group compromised these targets using the hacking tools codenamed as INTONATION and PITCHIMPAIR. The ShadowBrokers provided the links to two distinct PGP-encrypted archives, the first one offered for free as a proof of the hack (its passphrase was ‘auctioned’), for the second one the group requested 1 million BTC .
The first archive was containing roughly 300MBs of data, including firewall exploits, hacking tools, and scripts with cryptonyms like BANANAUSURPER, BLATSTING, and BUZZDIRECTION.
The security researchers Mustafa Al-Bassam published an interesting post that lists all the exploits, implants, and tools for hacking firewalls (“Firewall Operations”) included in the dump.
The Equation Group ‘s hackers targeted products made by Cisco, Fortigate, Juniper, TOPSEC, and Watchguard.
The majority of files are at least three years old, meanwhile, the newest timestamp dating to October 2013.
Read more: SecurityAffairs