List Of Enemy Hackers Revealed By An NSA Leak

When the arcane group calling itself the Shadow Brokers spilled a collection of NSA tools onto the web in a progression of leaks beginning in 2016, they offered an uncommon look into the interior activities of the world's most exceptional and stealthy hackers. Be that as it may, those leaks haven't quite recently given the outside world the access to the NSA's secret abilities.

They may likewise give us a chance to see whatever remains of the world's hackers through the NSA's eyes. A bit of NSA software, called "Territorial Dispute," seems to have been intended to identify the malware of other country state hacker groups on a target computer that the NSA had infiltrated.

The Hungarian security researcher Boldizsár Bencsáth trusts that the particular antivirus tool was premeditated not to expel other spies' malware from the victim machine, yet to caution the NSA's hackers of a foe's ubiety, allowing them to pull back instead of conceivably reveal their traps to an adversary.

Bencsáth, a professor at CrySys, the Laboratory of Cryptography and System Security at the Budapest University of Technology and Economics contends that the Territorial Dispute tool may offer clues of how NSA sees the broader hacker scene.

He's intending to present a paper on the CrySys website on Friday and requesting others to contribute and approaching the security research community to go along with him in investigating the software's clues.

In view of some matches he's set up between components of Territorial Dispute's agenda and known malware, he contends that the leaked program conceivably demonstrates that the NSA knew about some gathering's a very long time before those hackers' activities were uncovered publicly.

"The idea is to find out what the NSA knew, to find out the difference between the NSA viewpoint and the public viewpoint," says Bencsáth, arguing that there may even be a chance of uncovering current hacking operations, so that antivirus or other security firms can learn to detect their infections. "Some of these attacks might even still be on-going and alive."

He trusts that the tool exhibits the NSA's information of some outside malware that still hasn't been openly revealed.

At the point when the leaked version of Territorial Dispute keeps running on a target computer , it checks for signs of 45 distinct sorts of malware—perfectly marked SIG1 through SIG45—via looking for unique documents or registry keys those programs leave on victim machines. SIG2 is malware utilized by another known Russian state hacker group, Turla.

The last and  the latest passage on the list is a bit of malware found openly in 2014, and furthermore attached to that long-running Turla group. Different entries on the list range from the Chinese malware used to hack Google in 2010, to North Korean hacking devices.

Bencsáth believes that the entries in the list show up generally in chronological order, apparently in light of when each was initially known to be deployed. An accumulation of malware known as "Cheshire Cat" is listed before the Chinese malware utilized as a part of the 2010 attack on Google, and specialists believe the components of the campaign goes back as early as 2002. In any case, that code was just uncovered publicly in a discussion at the Black Hat Conference in 2015.

Another situation, the Territorial Dispute lists the malware known as the Dark Hotel, known to have been utilized by North Korean hackers to keep an eye on targeted hotel guests as SIG25.

To be reasonable, the correct order of Regional Question's malware list is a long way from affirmed. A few entries on the list do appear to show up as out of order. Also, regardless of whether the NSA kept its learning of progressing attacks a mystery, that would fit its typical modus operandi, says Matthew Suiche, the founder of security firm Comae technologies, who has closely followed the Shadow Representatives' leaks.

He additionally notes limitations in the information that can be gathered from the Territorial Dispute code. But as the other Shadow Brokers leaks, it might likewise be a year old piece of code.
Withal by putting a call out for different researchers  to crowd source the issue of coordinating those Territorial Dispute entries with past malware tests, Bencsáth hopes that it may very well prompt the identification and blocking  of state-sponsored hacking tools that the NSA has kept a track of for quite a long time.

Canadian Spy agency with help of NSA tracked passengers who used free airport WiFi

Image Credits: Kaspersky
Here is another example why public WiFI networks pose a potential risk to your data.

A report from CBC News based on newly leaked secret document by former U.S. security contractor Edward Snowden reveals that Canadian spy agency was spying on the passengers who used free WiFi service in airports.

The Communications Security Establishment Canada (CSEC) is prohibited from spying on Canadians without a warrant.  However, they have collected metadata about all travelers passing through Airport including Canadians.

The document presented to the CBC shows the captured information from travelers' devices was then helped the spy agency to track them for a week or more as their wireless devices connected to any other Wi-FI hot spots in locations around Canada and event at US airports.

According to CBC, the leaked document suggests that operation was a trial run of a new software developed by CSEC with the help US's National security Agency(NSA).

Two largest Canadian airports - Toronto and Vancouver - and Boingo, a largest independent WiFi services supplier at other airports, have denied the involvement in providing any information of WiFi users.

'Leaky apps' like Angry Birds allows NSA and GCHQ to spy on you

Do You know while you are busy in hitting the pigs in angry birds game, US and UK Spy agencies collecting your personal data?

A recently leaked classified documents by whistleblower Edward Snowden show NSA and GCHQ have been working to develop ways to collect your personal information from so-called "leaky" phone apps.

According to Guardian,  Such apps allow the spy agencies to collect information including phone details and personal info such as age, gender and location and in some cases even sexual orientation.

One of the slides titled "Golden Nugget" shows how NSA able to obtain phone type, buddy lists, "possible image",location and other data, when a user upload a photo taken via mobile.

Many social networking sites such as facebook removes the EXIF metadata(which contains the geolocation details). Guardians points out that agencies still can collect those data, as it is transferred across the networks.

On the other hand, Rovio, the creator of Angry Birds, said in a press release that it doesn't share any data with spy agencies.  It points finger at the third-party advertising networks.

"The alleged surveillance may be conducted through third party advertising networks used by millions of commercial web sites and mobile applications across all industries" Rovio's statement reads.

NSA paid $10 million to RSA for making flawed algorithm to weaken encryption

The US National Security Agency(NSA) has secretly paid $10 million for one of the major & respected security firm RSA, to make a flawed algorithm in order to weaken the encryption, according to exclusive report from Reuters.

In September, New York Times reported a story based on documents leaked by former NSA contractor Edward Snowden that NSA created a flawed formula for generating random numbers to create "backdoor" in encryption software.

Reuters later reported RSA became the lead distributor of the formula by using it into an encryption tool known as Bsafe that is used by software developers to improve security in their products.

Two sources disclosed a new information to Reuters that RSA had received the money in exchange for making the NSA's formula as the default method for number generation in the BSafe software.

In a statement to Reuters, RSA denied the allegations saying "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."

Source: Reuters

Digital Sleeper Cell: NSA infected 50,000 computer network with data stealing malware

The NSA has infected more than 50,000 computer networks across globe with a malware which is capable of stealing sensitive data from the victim's machine.

According to the report which is based on documents provided by US whistleblower Edward Snowden, the practice called as Computer Network Exploitation (CNE)".

The malware is being referred as "digital Sleeper cell" , it is being controlled by NSA and they can remotely turn it on or off.

The number of infected networks in 2008 is reportedly over 20,000.  By mid of the 2012, the number of infected network is increased to 50k.

NoScript Anywhere (NSA) Firefox Security Add on Available for Mobiles

NoScript Anywhere (NSA) is one of Famous Firefox Add on that provides protection from Cross site Scripting ,Clickjacking,etc. It blocks malicious script.  Now this extension is available for Mobile Operating systems also(Android and Maemo builds).

This is first complete version(NoScript 3 alpha 9) of Noscript extension for mobile. NSA provides features like Desktop version. Like Desktop version, You can allow javascript in trusted sites (whitelist) and block for all other sites(Blacklist).

  • Easy per-site active content permissions management.
  • The first and most powerful anti-XSS (cross-site scripting) filter available in a web browser.
  • ClearClick, the one and only effective client-side protection against Clickjackings available on the client side.
  • ABE (App Boundaries Enforcer), a true webapp firewall inside your mobile browser to protect your router and web applications against CSRF and DNS rebinding attacks.
  • Restartless: no need to restart after you install the add on.
  • new page permission editing UI, specifically redesigned for smartphone usage and easily accessible by tapping on a navigation bar icon.
Blocks XSS Attack(Malicious Javascript)

Blocks Clickjacking Attack

Install NSA 3 Alpha 9 now: