The hacking group is now selling another package of hacking tools, “Equation Group Windows Warez,” which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group.
For those unfamiliar with the topic, The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and “powerful espionage tools” created by The Equation Group.
The data dump contains many windows hacking tools, categorized as following:
- Fuzzing tools (used to discover errors and security loopholes)
- Exploit Framework
- Network Implants
- Remote Administration Tools (RAT)
- Remote Code Execution Exploits for IIS, RDP, RPC, SMB Protocols (Some Zero-Days)
- SMB BackDoor (Implant)
Interestingly, the Remote Administration Tool (RAT) “DanderSpritz” included in the list is the one previously leaked in the NSA’s documents revealed by Edward Snowden.
The FUD toolkit might have an ability to “evade/bypass personal security products,” such as Avira, Avast, Dr.Web, ESET Antivirus, Comodo, McAfee Antivirus, Microsoft Essential, Panda, Symantec, Trend Micro and Kaspersky Antivirus.
The buyers can purchase the entire database of hacking tools that The Equation Group used against various countries to expand its espionage operations.
In August, the Shadow Brokers announced an auction attempting to sell the complete set of tools to the highest bidder, but the group canceled their auction in October due to little or no response on their public sale.
But since this time the group has made Windows hacking tools up for sale, the chances are that hackers and espionage groups would be interested in buying these hacking tools.