(Photo: Unsplash / Tarik Haiga)
The Shadow Brokers, the hacking group that leaked a series of cyberattack tools allegedly belonging to the US National Security Agency (NSA), remains one of the biggest mysteries in cybersecurity to this day.
In the history of cyberattacks, many data leaks remain unsolved even years after their occurrence. However, active hacker groups can still be identified, such as the LAPSUS$ ransomware gang that attacked Microsoft and Nvidia, or groups allegedly linked to Russia and China.
The Shadow Brokers case is particularly unusual. This group emerged online in the summer of 2016, amidst the US facing cyberattacks related to the presidential election. Shadow Brokers posted a link to a document titled “Equation Group Cyber Weapons Auction - Invitation,” which mentioned the Equation Group – a secretive cyberattack group that many experts believe is linked to the NSA.
The hacker group claimed to have infiltrated Equation Group and offered to sell "cyber weapons." This is the term for software or exploit code that can be used to infiltrate computer systems. Shadow Brokers demanded a minimum price of 1 million Bitcoin, but many of the tools were later made public.
(Illustrative image: Magnific)
When experts analyzed the tools, they realized they were highly sophisticated, most likely stolen from the NSA. Some of the names in the toolkit also matched programs previously published by whistleblower Edward Snowden.
To date, no one has been arrested or prosecuted directly in connection with this leak. One suspect mentioned was Harold T. Martin III, an NSA contractor arrested for stealing classified information, but this theory is not entirely convincing because Shadow Brokers continued to operate online even after Martin's detention. A more widely discussed theory is that Shadow Brokers may have been created by a Russian cyber espionage group as a propaganda tool.
The impact of the leak was enormous. Among the tools disclosed was EternalBlue, a Windows vulnerability exploitation toolkit. Zero-day vulnerabilities are security flaws unknown to developers, and therefore have no patches. EternalBlue was subsequently used by North Korean hackers to spread the WannaCry ransomware, and by Russian hackers to integrate it into NotPetya, causing an estimated $10 billion in global damage.
The Shadow Brokers case demonstrates that vulnerabilities held by intelligence agencies cannot always remain secret. When these tools are leaked, businesses and users worldwide can suffer the consequences.
Source: https://vtv.vn/nhom-hacker-bi-an-tung-lam-ro-ri-cong-cu-tan-cong-mang-10026052717555505.htm
![[Photo] Standing Committee member of the Party Central Committee Tran Cam Tu working with the Central Inspection Committee](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2026/05/28/1779969579668_ndo_br_bnd-2495-jpg.webp)
Comment (0)