The FBI is not bidding on stolen National Security Agency (NSA) source code with bitcoins seized from Silk Road, contrary to a widely reported allegation. That’s according to security experts interviewed by The Hill.
The allegation emerged when a bitcoin user sent money to both an NSA source code account and the seized bitcoin account, but no money moved between the two accounts, according to experts.
Last week, a group called the Shadow Brokers claimed to have hacked NSA source code and offered to sell it to whoever made the most generous financial offer. Hence, when someone sent money to both the NSA source code account and the seized bitcoin account, the action fed suspicion that someone was bidding on the hacked NSA source code with the bitcoin the FBI seized from Silk Road.
Some people are mistaking incoming and outgoing payments, said Wesley McGrew, director of cyber operations at HORNE Cyber. He said he initially made the same mistake. If one does not look closely enough, or is not familiar with bitcoin, the mistake is easy to make.
Bitcoin users’ real names and locations are not public, but the transactions among the anonymous accounts are visible to everyone on the public ledger.
The Shadow Brokers claimed that whoever sent them the most bitcoin would be rewarded with source code that was believed to be from an NSA hacking operation.
The Shadow Brokers released samples containing previously unknown techniques for breaking into security hardware that was referenced in documents released by former NSA contractor Edward Snowden. The documents also included a software tracking code mentioned in documents Snowden previously released.
McGrew said the person who sent bitcoin to both accounts appears to be someone who wants to get his name on both ledgers. He noted that the person manipulated the transaction data recorded with small payments to the auction account so that it spells out the lyrics of the song “Never Gonna Give You Up” by Rick Astley. Using the song this way is a variant of “Rickrolling,” an Internet prank.
The Shadow Brokers claimed to have hacked a group called Equation Group, whose level of sophistication has led some researchers to believe it is NSA-related, CCN.com reported. The Shadow Brokers claimed they stole some of the Equation Group’s hacking tools. They publicized the dump recently and tweeted a link to their manifesto against government sponsors of cyber warfare.
The dumped files contained configurations for command and control servers, installation scripts, and exploits targeted to specific routers and firewalls. The names of some of the tools correspond with those used in Snowden documents, such as “EPICBANANA” or “BANANAGLEE.”
Some security experts said the dump could be a hoax. Others said more analysis is needed.
Last modified: March 4, 2021 4:50 PM