Last week, a group of mysterious hackers dumped hacking tools from the world’s most powerful spying group, the National Security Agency, and demanded millions in dollars of bitcoins to reveal more tools it accessed. Now, a separate hacker is claiming that he has the rest of the tools.
Associated Press
Using the moniker @1×0123, this hacker began posting his claims yesterday. We’ve been unable to confirm if he’s legit, and he was very touchy and outright refused to provide many details, citing journalists who “fucked up the deal for me” in the past.
We are selling NSA/Equation Group Dump For 8000$ ,
anyone intrested can DM Me for more info pic.twitter.com/vcs0sCEMz0— 1×0123 (@1×0123) August 22, 2016
In a conversation with Gizmodo, the hacker demanded $US1000 ($1311) to show screenshots of his supposed NSA haul. It’s unclear how the hacker supposedly stole the hacks and he refused to explain beyond saying “traded some exploits for access to a private escrow and stole the tar file”. This could mean a variety of things, but it seems like he’s indicating that he tricked the Shadow Brokers, the group that originally claimed to have accessed the NSA tools, and stole the .tar file containing the exploits. Again, we don’t have a way to confirm this is true but this hacker has hacked and sold his exploits in the past. Of course, his supposed screenshot of a conversation with NSA whistleblower Edward Snowden could easily be faked, too. Though Snowden did once offer rare praise for this hacker after he submitted a bug report to the Freedom of The Press Foundation.
Thanks to @1×0123 for reporting a piwik vulnerability to @FreedomofPress! Great work. Got a bug report? Please contact @ageis with details.
— Edward Snowden (@Snowden) April 10, 2016
#NSA focused on browser exploits to gain access to machines, pic.twitter.com/M4GB62977P
— 1×0123 (@1×0123) August 22, 2016
When asked what was contained in the rest of the hack that he obtained, the hacker said it includes a “bunch of 0days for multitype CMS and some scripts .. is all about those python libraries for exploits .. in general all about attacking networks.”
Found 4 canadian IP’s on Tor catego folder, it was used maybe in the arrest of some vendors on silkroad#NSA dump pic.twitter.com/fH1fZgoDV0
— 1×0123 (@1×0123) August 22, 2016
“i can share 50% of it with you if you had an offer for me,” the hacker told Gizmodo. “i just need some money to pay bills and stuff.”